IAG 2023.1.17 Maintenance Release

Article summary

Did you find this summary helpful?

Thank you for your feedback

Automation Gateway Versions

component	version
automation_gateway	3.227.0+2023.1.81

This maintenance release of IAG/2023.1.17 includes fixes for bugs that were reported to Itential Product Support.

Key ID	Release Note
ENG-7702	Fixed an issue where the browser window would stop working when opening the Execution History tab with large result sets. Added a feature that allows customers to download large results directly to a log, thereby preventing display errors.
ENG-8925	When upgrading the `rodeo` package to the latest version, IAG encountered several UI styling issues. Applied fixes to address UI inconsistencies, ensuring a correct and consistent display of the UI.

This section highlights fixes and measures to prevent and minimize security risks and vulnerabilities.

Key ID	Release Note
ENG-7441	When running security scans, it showed known vulnerabilities in the `rodeo-ui` package. Updated `rodeo-ui` to version `21.33.7-2022.1.230` to resolve security vulnerabilities.
ENG-7482	Fixed security issue related to Cross-site Request Forgery (CSRF) in `axios` package by updating to version 0.28.0, 1.6.0 or higher.
ENG-7484	When running security scans, it showed the `axios` package was vulnerable to Server-Side Request Forgery (SSRF). Updated `axios` to version 1.7.4 or higher to resolve security vulnerability.
ENG-7486	When running security scans, it showed the `web-app/package.json` was vulnerable to Prototype Pollution. Upgraded `dompurify` to version 2.5.4, 3.1.3 or higher to resolve vulnerability.
ENG-7487	Fixed a security issue related to Improper Handling of Extra Parameters in `follow-redirects` in the `web-app/package.json`. Upgraded `follow-redirects` to version 1.15.4 or higher to resolve vulnerability.
ENG-7583	Updated the `swagger-ui-react` package and refactored `web-app` to resolve UI build errors and address security vulnerabilities.

Was this article helpful?

Table of contents