Gateway 2023.2.14
Gateway 2023.2.14 is a maintenance release containing bug fixes and security updates.
Bug fixes (3)
| Feature | Description |
|---|---|
| gNOI reboot params JSON validation (ENG-6097) | Fixed an issue where the subcomponents object held an unexpected key when using gNOI reboot/cancel_reboot. Updated the params definition in reboot/cancel_reboot.reboot_status, the GRPC execute panel, and APIs to validate input as a proper JSON object. |
| Execution history large result download (ENG-7702) | Fixed an issue where the browser window would stop responding when opening the Execution History tab with large result sets. Added the ability to download large results directly to a log to prevent display errors. |
| Rodeo package UI styling fixes (ENG-8925) | Fixed multiple UI styling issues introduced after upgrading the rodeo package to the latest version, ensuring a correct and consistent UI display. |
Security fixes (3)
| Feature | Description |
|---|---|
| Rodeo UI security vulnerability update (ENG-7441) | Updated rodeo-ui to version 21.33.7-2022.1.230 to resolve known security vulnerabilities identified in security scans. |
| Micromatch regex complexity fix (ENG-7488) | Fixed a security vulnerability caused by inefficient regular expression complexity in the micromatch.braces() function. |
| Swagger UI package security update (ENG-7583) | Updated the swagger-ui-react package and refactored web-app to resolve UI build errors and address security vulnerabilities. |
Component version
| Component | Version |
|---|---|
| automation_gateway | 4.0.0+2023.2.62 |
Gateway 2023.3.7
Gateway 2023.3.7 is a maintenance release containing bug fixes and security updates.
Bug fixes (3)
| Feature | Description |
|---|---|
| gNOI reboot subcomponent input validation (ENG-6097) | Fixed an issue where the subcomponents object in reboot/cancel_reboot held an unexpected key. Updated the params definition in reboot/cancel_reboot.reboot_status, the GRPC execute panel, and APIs to validate input as a proper JSON object. |
| Large Execution History result download (ENG-7702) | Fixed an issue where the browser window would stop working when opening the Execution History tab with large result sets. Added the ability to download large results directly to a log to prevent display errors. |
| Rodeo package UI styling fixes (ENG-8925) | Fixed multiple UI styling inconsistencies introduced after upgrading the rodeo package to the latest version, restoring correct and consistent UI display. |
Security fixes (3)
| Feature | Description |
|---|---|
| rodeo-ui vulnerability remediation (ENG-7441) | Updated rodeo-ui to version 21.33.7-2022.1.230 to resolve known security vulnerabilities identified in security scans. |
| axios Prototype Pollution fix (ENG-7483) | Updated axios to version 0.29.0, 1.6.4 or higher to resolve a vulnerability to Prototype Pollution via the formDataToJSON function. |
| swagger-ui-react security update (ENG-7583) | Updated the swagger-ui-react package and refactored web-app to resolve UI build errors and address security vulnerabilities. |
Component version
| Component | Version |
|---|---|
| automation_gateway | 4.2.22+2023.3.25 |
Gateway 4.3.2
Gateway 4.3.2 is a maintenance release containing bug fixes and security updates.
Bug fixes (3)
| Feature | Description |
|---|---|
| gNOI reboot/cancel_reboot params validation (ENG-6097) | Fixed an issue where the subcomponents object in reboot/cancel_reboot held an unexpected key. Applied a fix to the params definition within reboot/cancel_reboot.reboot_status, the GRPC execute panel, and APIs to ensure the input is validated as a proper JSON object. |
| Execution History tab performance with large result sets (ENG-7702) | Fixed an issue where the browser window would stop working when opening the Execution History tab with large result sets. Added a feature that allows users to download large results directly to a log, preventing display errors. |
| UI styling inconsistencies after rodeo package upgrade (ENG-8925) | Resolved UI styling issues encountered after upgrading the rodeo package to the latest version, ensuring a correct and consistent display of the UI. |
Security fixes (3)
| Feature | Description |
|---|---|
| rodeo-ui security vulnerabilities (ENG-7441) | Updated rodeo-ui to version 21.33.7-2022.1.230 to resolve known security vulnerabilities identified during security scans. |
| axios Server-Side Request Forgery vulnerability (ENG-7481) | Updated axios to version 1.7.4 or higher to resolve a Server-Side Request Forgery (SSRF) vulnerability identified during security scans. |
| swagger-ui-react security vulnerabilities and UI build errors (ENG-7583) | Updated the swagger-ui-react package and refactored web-app to resolve UI build errors and address security vulnerabilities. |
Component version
| Component | Version |
|---|---|
| automation_gateway | 4.3.16 |