Page tree
Skip to end of metadata
Go to start of metadata

2.1.1

Version Case ID Internal ID Components Summary
2.1.1

32586

XE-6533

Access Control

Description

User without execute permission in Workflow still able to view and execute the workflow on MZOnline.

Resolution

Permissions have now been added in MZOnline for configuring that a user without execution permission in Workflow would not able to access workflow.
2.1.1

XE-6558

Core

Description

When configuring the pool size of a database used in a workflow, the execution context creates additional temporary connections even if a maximum limit is specified.

Resolution

A new system property connectionpool.strict.pool.size has been added which will turn the database connection pool into a Blocking Queue implementation with a strict maximum limit.
2.1.1

XE-6771

Ultra

Description

The {{udrDecode}} and {{udrEncode}} commands have a number of problems introduced in Usage Engine PE 2.1.0 due to thread model changes. {{udrDecode}} can cause memory leaks when used in the {{initialize}} block and {{udrEncode}} can somtimes cause workflow aborts when used in standalone workflows.

Resolution

The implementation of the udrDecode and {{udrEncode}} commands has now been revised and the detected problems fixed.
2.1.1

32356

XE-6624

MZSH

Description

In the class ConnectionFactoryHelper, changing the logging level does not stop you from getting a specific log message even when the logging level is not critical.

Resolution

Logger in ConnectionFactoryHelper is fixed.
2.1.1

XE-6642

Docker

Description

A vulnerability was detected in the nginx version.

Resolution

The nginx version has now bee upgraded and the vulnerability removed.
2.1.1

XE-6699

Operator

Description

A vulnerability was detected in the Golang version.

Resolution

The Golang version has now bee upgraded and the vulnerability removed.
2.1.1

33128

XE-6732

Aggregation Inspector

Description

If an aggregation profile has storage path configured with external reference, then session inspector is not showing contents of that aggregation storage.

Resolution

Function reading aggregation profile configuration for session inspector was changed to the one handling external references properly.
2.1.1

XE-6570

MZOnline

Description

When clicking on the *Kubernetes Dashboard* in MZOnline, you are redirected back to the login page, even though when entering the URL to the dashboard directly, you are directed to the right location.

Resolution

This problem has now been fixed, and clicking on *Kubernetes Dashboard* will take you to the right location.
2.1.1

32923

XE-6697

Aggregation Inspector

Description

If the Platform and ECs do not share the storage, then the session count will be incorrect after changing the ec for the profile.

Resolution

Property {{mz.aggregation.storage.file.shared}} for every EC needs to be set to false . Also aggregation session lock mechanism is fixed for profile with separate storage per workflow settings.
2.1.1

32942

XE-6661

External References

Description

When working in MZOnline, users that are in groups without read or write permission are still able to edit and save External Reference profiles, while in Desktop this is not possible.

Resolution

This has now been fixed and users without read or write permission cannot edit and save External Reference profiles in MZOnline or Desktop.
2.1.1

32219

XE-6545

Access Control

Description

When using the auto unlock feature for users, a locked user account is still not unlocked after the stated number of minutes.

Resolution

This problem has not been fixed and a locked user account is automatically unlocked after the stated number of minutes.

2.1.0

Version Case ID Internal ID Components Summary
2.1.0

32133

XE-6351

Desktop Launcher

Description

A number of vulnerabilities were detected.

Resolution

The following fixes have now been made:
  • * X-Frame-Options header included in the HTTP response to prevent ClickJacking attacks
  • * Anti-MIME-Sniffing header X-Content-Type-Options set to 'nosniff' to prevent older versions of Explorer and Chrome to sniff MIME sniffing on the response body
  • * Signing of Desktop Launcher
  • * Upgrading of 3pps
2.1.0

31446

XE-6222

Data Veracity

Description

When using data masking with data veracity it is not possible to export the configured masked fields when performing a configuration export.

Resolution

This has now been fixed, and it is possible to export and import the Dataveracity masked fields.
2.1.0

31110

XE-5970

Security

Description

A vulnerability was detected in the OS in the Docker images.

Resolution

This issue has now been fixed and the vulnerability removed.
2.1.0

30875

XE-5920

Logging

Description

When using log forwarding, group messages are not forwarded.

Resolution

This problem has now been fixed and group messages are forwarded.
2.1.0

30262

26077

XE-5645

UDR File Editor

Description

When you click *Open* to select UDR file, the button shows as *Save* instead of *Open*.

Resolution

This issue is fixed, and the button shows the text *Open*.
2.1.0

29494

XE-5631

5G Profile

Description

5G profiles containing null nested values, encoded and sent in HTTP2 requests will result in bad requests being returned as response.

Resolution

Null nested values in the 5G profile are no longer included in the encoded value that is sent in HTTP2 requests.
2.1.0

29505

XE-5558

IBM MQ

Description

Setting the fields host and port in the MQQueueManagerInfo UDR does not work as expected.

Resolution

This has now been fixed, and configuration  of the host and port fields will work as intended.
2.1.0

30425

XE-5713

Installation

Documentation

Description

During the TLS certificate provision, when the keystore is stored in a Kubernetes Secret, it is a common misconception that the platform.tls.key and platform.tls.key.alias in the values.yaml are to be removed/commented considering they might be used for the disk based keystore.

Resolution

Do not remove/comment the platform.tls.key and platform.tls.key.alias fields in the values.yaml file. This issue is fixed by providing a note on InfoZone to inform the user about the same.
2.1.0

32222

XE-6394

Data Veracity

Description

When there is a nested UDR, the masking fields will not work and will display the nested UDR value.

Resolution

To properly mask the nested UDR, a refactor will be required on the backend code. As of now a workaround is provided where you will have to declare the nested UDR fields in the parent UDR itself when choosing the fields to data mask.
2.1.0

XE-5936

Workflow Packages

Description

Workflow package sometimes aborts trying to find decoder outside the package.

Resolution

This has now been fixed, so workflow packaged supports both batch and realtime workflows.
2.1.0

XE-5802

APL

Description

The two APL functions udrDecode and udrEncode are single threaded which can cause performance issues.

Resolution

The implementation has been updated to use thread local decoders and encoders to avoid this problem.*Note* This fix takes effect when the workflow is saved or configuration implementations are regenerated by using the "regenerateconfigs" mzsh command.
2.1.0

XE-4400

mzcli

Description

The two APL functions udrDecode and udrEncode are single threaded which can cause performance issues.

Resolution

The Group information from mzcli has changed its format so the output says Enabled/Disabled instead. You can also see a list with all the members of a group.
2.1.0

XE-6001

Postgres

Description

A vulnerability was detected in the Postgres version used.

Resolution

Postgres has now been updated and the vulnerability removed.
2.1.0

XE-5980

Kubernetes

Description

The entrypoint for the platform pod has no sigterm handling which means the platform will not gracefully terminate when the pod is deleted. This could lead to resources not being released properly, files not being synced and other non-deterministic effects.

Resolution

This problem has now been fixed, and a sigterm handler has been added in the entrypoint.sh.
2.1.0

XE-4988

Aggregation

MZOnline

Description

A prompt with a warning that the Aggregation Profile is locked will occur when you try to delete a single aggregation session or when using the Delete All function.

Resolution

The issue is due to an incorrect handling on the backend code for the aggregation session storage. With a better handling now in place, you can delete the aggregation session once more.
2.1.0

30719

XE-5895

HTTP/2

Description

When the HTTP/2 Server agent is included in a workflow that also contains the HTTP/2 Client agent, the HTTP/2 Server agent produces incorrect decoding issues which do not appear if the same payload is run in the workflow after the HTTP/2 Client agent has been removed. 

Resolution

This problem has now been fixed and the HTTP/2 Server agent decoding provides the same result regardless of the presence of the HTTP/2 Client agent.

2.0.x

2.0.3

Version Case ID Internal ID Components Summary
2.0.3

XE-6278

Web Desktop

Description

The Web Desktop is still running on Java 11 while other images use Java 17.

Resolution

OpenJDK has now been upgraded to support Java 17 in Web Desktop.
2.0.3

31983

XE-6277

Docker

Description

A vulnerability was detected in the OpenJDK version.

Resolution

The OpenJDK version has now bee upgraded and the vulnerability removed.
2.0.3

XE-6325

Core

Description

A vulnerability was detected in the esapi version.

Resolution

The esapi version has now bee upgraded and the vulnerability removed.
2.0.3

31960

XE-6268

System Log

Description

The Syslog Collection Agent does not handle character encodings as described in RFC5424 correctly.

Resolution

The agent now decodes UTF-8 encoded messages correctly.

2.0.2

Version Case ID Internal ID Components Summary
2.0.2

XE-6217

Aggregation

Couchbase

Description

New couchbase properties cause Aggregation agent to fail if using an older Couchbase profile.

Resolution

This problem has now been fixed, a warning is written in the execution context log, and default values will be used during execution.
2.0.2

31761

XE-6214

Web Desktop

Description

A vulnerability was detected in the Go version.

Resolution

The Go version has now bee upgraded and the vulnerability removed.
2.0.2

XE-5999

Liquibase

Description

A vulnerability was detected in the Liquibase version.

Resolution

The Liquibase version has now bee upgraded and the vulnerability removed.
2.0.2

XE-6218

Couchbase

Description

When using parametrized in a Couchbase profile, passwords need to be written in clear text, and it is not possible to use External References and parametrization at the same time in a Couchbase profile.

Resolution

These issues have now been solved, and passwords need to be encrypted, and it is possible to use external references and parametrization in combination in a Couchbase profile.

2.0.1

Version Case ID Internal ID Components Summary
2.0.1

30875

XE-5920

Logging

Description

When using log forwarding, group messages are not forwarded.

Resolution

This problem has now been fixed and group messages are forwarded.
2.0.1

XE-5776

Logging

Description

When using the Couchbase profile it was not possible to set parameters for values in the Connectivity and Management tabs.

Resolution

This has been fixed and parametrization can be used in the Couchbase profile.
2.0.1

29576

XE-5760

Helm

Description

It is not possible to configure limits and requests for CPU and Memory resources in the values. yaml file for the initial container.

Resolution

This has now been fixed and Kubernetes resources can be configured for the platform and mzonline init containers. Please refer to the platform.init.resources and mzonline.initMyservice.resources values in the Usage Engine Private Edition helm chart for details.This has been fixed and parametrization can be used in the Couchbase profile.
2.0.1

XE-5060

ECDeployments

MZOnline

Description

The ECD wizard breaks when adding custom metrics.

Resolution

This issue has now been fixed and custom metrics can be added without breaking the UI.
2.0.1

XE-3820

Web Desktop

Description

When using the Web Desktop, HTTP is still allowed after TLS has been enabled.

Resolution

This problem has now been fixed, and when TLS is enabled only HTTPS traffic is allowed when using the Web Desktop.
2.0.1

30832

XE-5844

HTTP/2

Description

When the http2 server agent is used without OpenAPI profile enabled, the RequestCycleUDR returned will contain schema not found error message and the isError flag set to true.

Resolution

Fix the backend logic for the server to handle requests properly when OpenAPI profile is disabled. Also fixed the error messages wording to be more clear.
2.0.1

XE-5937

Azure

Description

A vulnerability was detected in the Jackson version.

Resolution

The Jackson version has now bee upgraded and the vulnerability removed.
2.0.1

XE-6001

Postgres

Description

A vulnerability was detected in the Postgres version used.

Resolution

Postgres has now been updated and the vulnerability removed.
2.0.1

31425

XE-6075

Helm

Description

Some configurations were not possible to make in the helm charts.

Resolution

The following enhancements have been made to the helm chart:
  • * It is now possible to configure the region that the Kubernetes cluster belongs to. Meaning that the url:s used by the Usage Engine specific Kubernetes resources will automatically contain the correct region. This is done via the global.region value.
  • * It is now possible to configure the annotations applied to the ingress-alb Ingress and and the platform Service resources. This is done via the aws.ingress.metadata.annotations and the aws.platform.service.metadata.annotations values respectively. If there is a need to exclude a default annotation for one reason or another, this can be done via the aws.excludeDefaultAnnotations value. See the values file for further details.
2.0.1

XE-6096

System Log

Description

When using log forwarding to the Syslog collection agent, the full information visible in the System Log is not included.

Resolution

This problem has now been fixed, and the information sent to the Syslog agent is the same as in the System Log.
2.0.1

XE-5970

Security

Description

A vulnerability was detected in the OS in the Docker images.

Resolution

This issue has now been fixed and the vulnerability removed.
2.0.1

XE-5532

Operator

Description

When updating a WFG in an ECD, the ECD is unnecessarily restarted.

Resolution

This problem has now been fixed and the ECD will only be restarted when attributes that affect the ECD have been changed.
2.0.1

XE-5777

Couchbase

Description

It was not been possible to set the encryption port in the Couchbase profile.

Resolution

There is now support to set port numbers and to enable security in the Couchbase profile.

2.0.0

Version Case ID Internal ID Components Summary
2.0.0

30156

XE-5628

IBM MQ

Documentation

Description

For IBM MQ Server and IBM MQ Client, you need only one jar file and that must be installed from the mvn repository.

Resolution

The documentation now includes the updated jar file and the link from where the jar file can be downloaded from. It is recommended to use the jar version relevant to the MQ service that is being used.
2.0.0

XE-5531

Operator

Description

When mixing new and and existing workflow members in a workflow group in an ECD, the operator goes into an error loop.

Resolution

This problem has now been fixed.
2.0.0

XE-5504

HTTP/2

Description

The HTTP/2 Client is missing the ability to monitor connection status.

Resolution

Monitoring connection status is now possible, and two new MIM parameters called Available Servers and Unreachable Servers have been added.
2.0.0

XE-5414

SFTP

Description

When a user pastes the SFTP private key directly into the workflow table, the value is not readable by the system and the private key is shown as plain text.

Resolution

This problem has now been fixed. The private key  can be entered by clicking on the button with the three dots in the Private Key field in the workflow table and pasting the key  into the text area.
2.0.0

XE-5156

HTTP/2

Security Profile

Description

Some classes related to Security Profile, HTTP/2 Client, and Server have the wrong version ID. Because of that, importing exported workflows and configurations prepared in the MediationZone 8-track can lead to a faulty import.

Resolution

Version IDs are now correct and the import logic is improved to handle MediationZone 8 imports properly.
2.0.0

XE-4606

HTTP/2

Description

While using the APL function httpRequest, the body of PATCH request is not supported.

Resolution

Support for PATCH request with body is now added.
2.0.0

XE-4905

mzcli

User Management

Description

When using mzcli it is possible to disable/enable the system admin users mzadmin and mzk8soperator.

Resolution

This problem has now been fixed.
2.0.0

XE-5386

Desktop Framework

External References

Description

When configuring External References with a blank Properties File, and adding keys, you get an infinite exception.

Resolution

This  problem has now been fixed, and you will not get an infinite exception.
2.0.0

XE-4420

Diameter

Documentation

Description

Instructions for how to handle Diameter in Kubernetes clusters is missing from the user documentation.

Resolution

This problem has now been fixed and this has been described.
2.0.0

XE-4923

PosgreSQL

Description

A vulnerability was discovered in the PostgreSQL JDBC Driver.

Resolution

The driver has now been upgraded and the vulnerbility removed.
2.0.0

XE-4925

CXF

Description

A vulnerability was detected in the CXF version.

Resolution

CXF has now been upgraded and the vulnerability  removed.
2.0.0

XE-5007

3pp

Description

A vulnerability was detected in the xmlsec version.

Resolution

xmlsec has now been upgraded and the vulnerability  removed.
2.0.0

XE-5413

ECS

Description

The recently added insert_time parameter order messes with the errorudr parameter.

Resolution

The order has been corrected.
2.0.0

XE-5412

SAP CC

Description

When using SAPCC cluster if the first node in the profile gets a connection error then the rest of the clusters nodes fail to connect. This was due to an error a connection being cached and then checked if we had a connection. This lead to the application beveling it had a connection when it did not.

Resolution

Rebuild the connection logic to handle this case.
2.0.0

XE-5329

Access Control

Description

Details logging is missing for user groups add/remove.

Resolution

It is now have the details logging add/remove user group.
2.0.0

XE-5217

HTTP/2

Description

The username in the header of a request to the HTTP/2 server could not be retrieved by the server.

Resolution

This problem is now fixed.
2.0.0

XE-5416

Workflow Bridge

Description

Workflow bridge in batch workflows can not terminate due to deadlock, since disconnect is invoked twice.

Resolution

The extra disconnect is now removed.
2.0.0

XE-4702

ECDeployments

Description

When apply a service patch, the patch node port overrides the existing entries node port result in wrong behavior.

Resolution

This issue is fixed, the patch should only apply to the corresponding entry based on port number.


  • No labels