2021.12.16 Release Notes
  • 28 Jan 2022
  • 1 Minute to read
  • Dark

2021.12.16 Release Notes

  • Dark

Article Summary

2021.12.16 Release Notes

Product Features and Enhancements

Reference Number(s)SummaryComponents
RIC-772Web SecurityWeb Security
 RIC-648OSS Security VulnerabilitiesSecurity Vulnerability
  RIC-647CVE-2017-5662 XML External Entity (XXE) InjectionSecurity Vulnerability
  RIC-646CVE-2021-28170 Improper Input ValidationSecurity Vulnerability
  RIC-645CVE-2021-41079 Denial of Service (DoS)Security Vulnerability
  RIC-644CVE-2020-28491 Denial of Service (DoS)Security Vulnerability
  RIC-643CVE-2020-13954 Cross-site Scripting (XSS)Security Vulnerability
  RIC-642CVE-2020-25638 SQL InjectionSecurity Vulnerability
  RIC-641[CVE-2016-1000031] Arbitrary Code ExecutionSecurity Vulnerability
RIC-773SSO PortalSSO Portal
 RIC-599SSO Portal EnhancementsSSO Portal
  RIC-701Add Application Search to SSO Portal Home Page [BE]SSO Portal
  RIC-607Drag and drop applications in Persona ConfigurationSSO Portal
  RIC-606Launch applications from App Directory via single-clickSSO Portal
  RIC-604Add sort to application list in persona configSSO Portal
  RIC-602Add Application Search to SSO Portal Home PageSSO Portal
RIC-838Studio JobsStudio
 RIC-412Higher-level Studio Job OrchestrationStudio
  RIC-428Decrease Job Runtime and Other Job Speed ImprovementsStudio
RIC-491Studio ImprovementsStudio
 RIC-409Update Studio Application Look and feelStudio
  RIC-675Grey out Access Group list and add access group button when unrestricted access is enabledStudio
  RIC-670Remove title from pagesStudio
  RIC-669Use Chips for Linked SSO Apps Studio
  RIC-664Change Font from 'Roboto' to 'Inter'Studio

Feature Improvements

Reference Number(s)SummaryComponents
RIC-632InCommon: Add timestamp to the date provided by Metadata RefreshInCommon
RIC-659UI: Handle locale sortingRIC
RIC-733BE: Improve GAL item validationGAL

Resolved Issues

Reference Number(s)SummaryComponents
RIC-772Web SecurityWeb Security
 RIC-648OSS Security VulnerabilitiesSecurity Vulnerability
  RIC-759CVE-2019-17195: nimbus-jose-jwt information disclosureSecurity Vulnerability
  RIC-745CVE-2013-5960: OWASP ESAPI MAC Validation BypassSecurity Vulnerability
  RIC-744CVE-2019-17195: nimbus-jose-jwt improper check for unusual conditionsSecurity Vulnerability
  RIC-742CVE-2020-13956: Apache HTTP Components Improper Input ValidationSecurity Vulnerability
  RIC-741CVE-2020-28052: Bouncy Castle Comparison Using Wrong FactorsSecurity Vulnerability
  RIC-740CVE-2021-22118: Spring Framework Privilege EscalationSecurity Vulnerability
  RIC-739CWE-20: Logback insufficient hostname verificationSecurity Vulnerability
  RIC-738CVE-2020-8908: Guava information disclosureSecurity Vulnerability
  RIC-737CVE-2021-29425: Commons-IO directory traversalSecurity Vulnerability
RIC-627Handle sorting on BE application-wideSorting
RIC-629Can't Clear out 'DATE' attribute from delegation profilesPeople
RIC-631Update Profile Date attribute to not have a valueDelegations
RIC-658httpDELETE action should accept a request bodyConnect
RIC-660History diff does not show new input parameter configurationConnect
RIC-661On openLDAP servers, the Advanced Search Tool dropdown doesn't display all searchable options.Search
RIC-662People: Change Password confirmation has unneeded "Save" buttonPeople
RIC-691Permission errors in new architecture do not prevent loadingPortal
RIC-727IDP Challenge Question Setup: Weird "X" image being used, different than before.IDP
RIC-729People: Sponsored accounts failing to loadPeople
RIC-732UI: Correctly handle type params for GAL itemsGAL
RIC-754UI: need to URL encode path and query params for Connect file actionsConnect, Files
RIC-763Studio Double sidebar when leaving an application via breadcrumb with unsaved changes.Studio
RIC-765Studio: Credential type dropdown not updating title to chosen type - only in Firefox.Studio
RIC-784Cleanup locale sortingConnect
RIC-806SMS incorrectly prepends dial prefix to numbers that already have a + codeAuthentication
RIC-809IDaaS: SMS ConfigurationConfiguration, SMS
RIC-810Tenant Admin cannot update dialPrefixConfiguration, SMS

Updated on Thu Jan 27 2022 08:02:13 GMT-0500 (Eastern Standard Time)

Was this article helpful?