•Updated vulnerable libraries of transitive dependencies in Cloud connectors. KOT-338 RR-3723 12.5 UPDATE 4
•Updated library datatables.net to version 1.10.23+ to eliminate the potential software vulnerability CVE-2020-28458. RR-3466 ZEN-21063 ZEN-21397 12.5 UPDATE 2
•Resolved various issues with the delegation of authentication to the external identity provider. This change should have a visible change in terms of less flickering and screen changes, when the user gets authenticated. RR-3617 ZEN-21156 12.5 UPDATE 2
•Fixed a problem with possible escalation of permissions in the REST API for e-mail templates. RR-3214
•Resolved a possible SQL injection in the RAW tables API. RR-3916
•Added a password check to ensure that users choose strong passwords that meet password security requirements. This feature can be activated by editing the property passwordFormat in the appsettings.json file. RR-3629 ZEN-21156 12.5 UPDATE 3.
|
Note: For a secure password requirement, including the minimum length, the presence of uppercase and lowercase letters, numbers, and special characters you can use the sample value: "^(?=.?[#?!@$%^&-])(?=.[0-9])(?=.[a-z])(?=.[A-Z])[a-zA-Z0-9\\#?!@$%^&-]{8,}$". Please note, that values in JSON files may not contain unescaped backslash (\) or quotation marks (") characters; they have to be encoded as \\ (like in the above example) and \" respectively. |
