Automation Gateway Versions
| component |
version |
| automation_gateway |
3.227.0+2023.1.81 |
Bug Fixes
This maintenance release of IAG/2023.1.17 includes fixes for bugs that were reported to Itential Product Support.
| Key ID |
Release Note |
| ENG-7702 |
Fixed an issue where the browser window would stop working when opening the Execution History tab with large result sets. Added a feature that allows customers to download large results directly to a log, thereby preventing display errors. |
| ENG-8925 |
When upgrading the rodeo package to the latest version, IAG encountered several UI styling issues. Applied fixes to address UI inconsistencies, ensuring a correct and consistent display of the UI. |
Security Changes
This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.
| Key ID |
Release Note |
| ENG-7441 |
When running security scans, it showed known vulnerabilities in the rodeo-ui package. Updated rodeo-ui to version 21.33.7-2022.1.230 to resolve security vulnerabilities. |
| ENG-7482 |
Fixed security issue related to Cross-site Request Forgery (CSRF) in axios package by updating to version 0.28.0, 1.6.0 or higher. |
| ENG-7484 |
When running security scans, it showed the axios package was vulnerable to Server-Side Request Forgery (SSRF). Updated axios to version 1.7.4 or higher to resolve security vulnerability. |
| ENG-7486 |
When running security scans, it showed the web-app/package.json was vulnerable to Prototype Pollution. Upgraded dompurify to version 2.5.4, 3.1.3 or higher to resolve vulnerability. |
| ENG-7487 |
Fixed a security issue related to Improper Handling of Extra Parameters in follow-redirects in the web-app/package.json. Upgraded follow-redirects to version 1.15.4 or higher to resolve vulnerability. |
| ENG-7583 |
Updated the swagger-ui-react package and refactored web-app to resolve UI build errors and address security vulnerabilities. |