2022.1.37 Maintenance Release

Article summary

Did you find this summary helpful?

Thank you for your feedback!

Release Notes

This maintenance release of Itential Platform includes fixes for bugs that were reported to Itential Product Support.

Key ID	Release Note
ENG-5531	An issue was identified where blank form data was causing the form not to render correctly. Resolved this issue to ensure that JSON forms display as intended.
ENG-9372	A bug was fixed where groups and roles that were added to a custom group using the create group API were not accurately reflected for users in the new group. This fix ensures that the user permissions and roles are correctly assigned and displayed.
ENG-9757	Resolved an issue where adapters in `DEGRADED` status and did not automatically transition back to `Online` upon connection restoration. Implemented a code fix to enable automatic recovery from the degraded state to ensure seamless status restoration.
ENG-9813	An issue was discovered when users attempted to view a transformation that contained a nested function step with an empty arguments array. This scenario led to rendering and runtime complications. To mitigate these effects, additional checks have been implemented to prevent any adverse side effects when interacting with transformations in this specific state.
ENG-10795	An issue was resolved where stopping the Task Worker negatively impacted the ability to manage scheduled tasks on an instance. This issue persisted until the instance was restarted. The fix ensures that the scheduled tasks can be handled without requiring a restart after stopping the Task Worker.

This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.

Key ID	Release Note
ENG-10287	When running security scans, it showed affected versions of the `express` dependency were vulnerable to Asymmetric Resource Consumption (Amplification) risks. Upgraded the package to 4.21.2 to resolve this vulnerability.
ENG-10623	When running security scans, it showed affected versions of the `body-parser` library in Pronghorn Core were vulnerable to Asymmetric Resource Consumption (Amplification) risks. Upgraded the package dependency to 1.20.3 to resolve this vulnerability.
ENG-11056	Upgraded the `ssh2` package in `adapter-nso` to version 1.0.0 to address a Command Injection security vulnerability present in version 0.8.9 of the dependendency.
ENG-11171	When running security scans, it showed affected versions of the `undici` package in Admin Essentials were vulnerable to Insecure Randomness risks. Upgraded the package dependency to 5.29.0 to resolve this vulnerability.

component	version
itential/adapter-automation_gateway	4.26.1-2022.1.22
itential/adapter-azure_aaa	1.4.2-2022.1.11
itential/adapter-email	4.2.8-2022.1.7
itential/adapter-ldap	2.13.8-2022.1.6
itential/adapter-local_aaa	4.3.6-2022.1.3
itential/adapter-nso	7.8.20-2022.1.51
itential/adapter-radius	2.1.7-2022.1.3
itential/app-admin_essentials	3.13.12-2022.1.72
itential/app-ag_manager	1.18.3-2022.1.13
itential/app-automation_catalog	2.12.11-2022.1.9
itential/app-automation_studio	4.1.2-2022.1.176
itential/app-configuration_manager	3.97.6-2022.1.64
itential/app-form_builder	4.11.26-2022.1.5
itential/app-json_forms	1.34.12-2022.1.47
itential/app-jst	1.8.5-2022.1.52
itential/app-mop	6.11.25-2022.1.23
itential/app-nso_manager	2.23.3-2022.1.4
itential/app-operations_manager	1.171.4-2022.1.210
itential/app-service_catalog	3.12.0-2022.1.3
itential/app-service_management	2.24.9-2022.1.10
itential/app-template_builder	2.6.7-2022.1.11
itential/app-workflow_builder	5.44.64-2022.1.85
itential/app-workflow_engine	9.13.31-2022.1.143
itential/audit-trail	1.5.3
itential/database	1.11.11
itential/event-system	1.1.31
itential/itential-utils	2.10.1
itential/logger	2.1.17
itential/network	3.4.7
itential/pronghorn-core	13.28.27-2022.1.160
itential/search	1.1.25-2022.1.2
itential/service	2.11.10
itential/tags	3.1.12-2022.1.4

Was this article helpful?

Table of contents