9.3.0 Hotfixes

Installation Notes

Notice

  • Hotfixes and content packs are cumulative and include previous hotfix/content package updates.

  • The relevant hotfix must be installed on the CxManager, CxEngines and the CxAudit stations, unless otherwise indicated. In a distributed environment, the hotfix must also be installed on the Portal station.

  • To upgrade a Linux engine, please download the Linux Docker engine and follow these instructions to install it.

  • After upgrades (major versions or hotfixes) or Content Pack updates, it is highly recommended to first run full scans before running incremental scans.

Resolved Issues and Changes

Category

Resolved Issues

HF29

Parsing issues were fixed in the CPP source code scanning.

The CPP_Best_Coding_Practice/Methods_Without_ReturnType query has been updated to improve the accuracy of the results.

The Engine was improved so that scans that terminate with errors in the Engine Agent are indicated as failed.

The Engine has been improved by reducing memory consumption when running scans, thereby avoiding OutOfMemoryException errors.

HF28

The Tomcat version has been upgraded to Apache Tomcat version 8.5.81.

Fixed an issue that caused the confidence level to be displayed in the Results Viewer screen incorrectly as 0%. This occurred when the scan was executed for a project that had no source code changes.

Improved the All Scans view by listing failed scans, which have some results, as partial scans.

Added the version number on the inventory libraries list in the HTML OSA report.

Fixed an issue that caused the user to be re-directed to the logout page when downloading a report from the client machine.

Fixed an error in the result service log that occurred while calculating the Best Fix Location.

HF27

Fixed an issue by adding a retry mechanism for Windows for properly moving folders to their corresponding directories.

The Project and Project State pages were improved by correctly listing the scans according to the latest scan date.

Fixed a Kotlin parsing issue that was causing stack overflow errors.

Updated the JavaScript library oidc-client to version 1.11.6 to fix a vulnerability.

Fixed an issue that occurred in the Viewer when users attempted to access the vulnerability descriptions, but were incorrectly redirected to project state pages.

Fixed an issue that occurred when opening the library information for scanned libraries that also exist in deprecated projects.

Email notifications for successful scans now include PDF report attachments where the projects have no defined owners.

Fixed an issue that will prevent automatic attempts to connect to Access Control when the Access Control service is stopped in the IIS Manager.

Upgrade process improved for deleting unnecessary old Log4j files.

HF26

The following libraries have been updated:

  • tomcat-api was updated from 9.0.48 to 9.0.59

  • spring was updated from 4.3.30 to 5.3.18

During the installation of the Hotfix, the ActiveMQ\conf\activemq.xml file is replaced with the new file and the original file is backed up.

If you implemented a configuration for ActiveMQ different than the default configuration, you might need to implement it again in the new activemq.xml file. Furthermore, if you implemented a configuration for ActiveMQ that involved additional customer created files, you might need to back them up before installing the Hotfix and then restore them after the Hotfix installation.

HF25

Fixed an issue that caused the scanned source code to be written to the Engine log file when parsing an .xhtml file.

Fixed an issue in the CxPortal Scan List screen that made the Download Scan Logs button unavailable.

Fixed an issue to prevent displaying incorrect result states for Recurrent results, when comparing two scans after overriding queries.

Fixed an issue that caused errors to be recorded in the incremental scan log after all the vulnerabilities detected in the full scan were removed.

Fixed an issue that caused scans to fail where the SAST users did not have permissions to the drive, although they did have permissions to the CxSRC folder.

Fixed an error to prevent CxAudit from failing when very large numbers of projects (> 100,000) are loaded.

Fixed an issue in Access Control where users who were able to remove the SAST Auditor role from other users, were unable to reassign the role to any other users.

Updated the JavaScript library oidc-client to version 1.11.6 to fix a vulnerability.

Corrected the documentation and error messages to indicate that Access Control user names can contain letters, digits, and the underscore(_), hyphen(-), period(.), plus(+) and at sign(@) characters.

Lower case characters can now be included when changing or resetting Access Control passwords on the Profile page.

Fixed an issue that caused the M&O (Management and Orchestration) Analytics page to display incorrect results, where some projects that should be marked as high risk are marked as low risk projects.

HF24

ActiveMQ has been upgraded to 5.16.4.

During the installation of the Hotfix, the ActiveMQ\conf\activemq.xml file is replaced with the new file and the original file is backed up.

If you implemented a configuration for ActiveMQ different than the default configuration, you may need to implement it again in the new activemq.xml file.

The following libraries have been replaced:

  • log4j-1.2.17 is replaced with reload4j-1.2.19

  • shiro-core-1.5.3 is replaced with shiro-core-1.8.0

  • shiro-spring-1.5.3 is replaced with shiro-spring-1.8.0

  • xstream-1.4.11.1 is replaced with xstream-1.4.19

  • tomcat-servlet-api-9.0.35 is replaced with tomcat-servlet-api-9.0.48

  • tomcat-websocket-api-9.0.35 is replaced with tomcat-websocket-api-9.0.48

HF23

Improved the Incremental scan merge mechanism to avoid classifying, in some edge cases, similar results as two separate results.

Fixed an issue that caused false positive (FN) results in incremental scans. This occurred where there were two files with the same name, but in different directories, and only one of these files was modified. If afterwards the scan results were checked in the Viewer, the file that was not modified was marked as 'Fixed', instead of correctly being marked as 'Recurrent'.

Fixed a failure in the Data Retention process, which occurred when the Engine Scan Logs Path was set to a shared folder. One symptom of the failure was that scans that were supposed to be deleted were not deleted.

Fixed an issue on the Projects page that caused an error when displaying the Shared Location.

Fixed an issue that caused incorrect error messages to be logged when the data retention option was applied to scans which had previously been deprecated.

Fixed an issue that resulted in misleading response messages from API query requests, which occurred when the queries were missing descriptions.

The specific API request: GET /sast/scans/{id}/results/{pathId}/shortDescription

The misleading message: "Result path Id X does not exist for scan with Id XXXXXX"

Square brackets are now supported for filtering projects by name.

Improved stability for OSA scans, so that scans will not fail even when the database has reached its update limits with respect to "unresolved libraries".

Fixed an issue that caused scans on existing projects to fail because of empty folders in CxSRC, which resulted from failures in the ZIP extract process. This issue only occurred in HA (High Availability) environments.

Removed the Restricted Scan option from the OSA Settings.

Fixed an issue in the SAST Web Portal that caused incorrect scan logs to be downloaded when there were no code changes detected by the scan.

HF22

Fixed an issue in AngularJS framework support that was causing intersection errors that resulted in high memory usage.

Fixed an issue in CSharp language support that was causing scans to end abruptly in the middle of the flow.

Fixed an issue in Ruby language support that was causing errors when creating and executing bash scripts.

Improved TypeScript language support to fix parsing exceptions that occurred in the following operations:

  • defining component variables

  • defining multiple if statements

  • on EventEmitter definitions

  • on inline forEach Set parameters

HF21

Fixed an issue that caused results with comments containing the “+” character to be excluded from the CSV reports.

The Scan ID is now displayed on the Scans List and Scan Summary pages in the CxSAST Web Portal user interface.

Fixed a bug which caused the report creation to fail when the Path column, in the Projects table, contained more than one XML node for a subfolder.

Fixed the performance for the REST API endpoint GET \Projects.

Angular was updated to 1.8.2.

jQuery was updated from 3.4.1 to 3.6.0.

jQuery UI was updated from 1.12.1/1.12.4 to version 1.13.

HF20

Fixed all known Log4j vulnerabilities for Management and Orchestration (M&O) by updating Log4j to version 2.17.1.

Fixed an issue in Access Control (AC) that caused a network error when upgrading SAST 9.3GA with Hotfix (HF) 19 to SAST 9.4.

Fixed an issue that caused inconsistent behavior with the Download System Logs management in HA (high availability) environments. The issue occurred when using non-default log locations.

Note: The CentralizedLogsPath key in the database must be updated to maintain the logs in a centralized place for HA environments. For instructions on how to perform the update, see Centralized Logs in HA Environment.

For security fixes, click this link for additional information.

HF19

Fixed an error which caused a REST API GET request for a non-existent projectName and teamId to return an HTTP 200 OK Success response with an empty body, instead of an HTTP 404 - Not found response.

Fixed an error which caused REST API GET Projects requests to be case sensitive, causing API requests to fail. Now the API GET Projects requests are case insensitive.

Fixed a number of issues in Access Control that were related to User Creation.

Fixed the Result Viewer page so that all instances of a selected word are highlighted in the code.

The items in the displayed Projects State page can now be sorted independently of the entire list of Projects State items.

Fixed the “Group By” option in the Results Viewer so that it works for all columns.

Fixed an error in the result service log while calculating the Best Fix Location.

Fixed an issue that caused SOAP API GetProjectsDisplayData requests to fail when users were not assigned to a team.

Fixed an issue in a particular incremental scan which caused a failure in the Results Service (indicated by a ResultsSavingStatus error in the log) preventing the completion of the scan.

The Tomcat version has been upgraded to Apache Tomcat version 8.5.72.

Fixed a bug where in an extreme edge case it was possible, using Swagger, to create duplicated teams with the same exact full name and same path.

Fixed an issue that occurred in the Excel file created when exporting the list of users from Access Control. The file only contained the Team and Role IDs, but not the user names.

HF18

Fixed an issue that caused the scanning to fail and the client-log.log to record the following error message: "System.ArgumentException: An item with the same key has already been added."

Fixed an issue so that now a Docker image can be deployed on Linux without root privileges.

Added an option for changing the time zone in the Docker image on Linux.

The default AWS Docker ulimits value has been increased to allow the CxSAST engine to work properly.

Fixed an issue that caused the scanning to fail when using an AbsInt component.

The nullish coalescing operator (??) is now supported when scanning JavaScript.

HF17

The XML report has been enhanced with additional information regarding the ‘Queries Details’ and ‘Source Code’.

Queries Details now contains:

  • Risk: What might happen?

  • Cause: How does it happen?

  • General Recommendations: How to avoid it?

  • Source Code Examples.

Source Code now contains:

  • Num of LOCs (number of lines of code): Before and after the vulnerable line.

  • Method Scope: Brings the entire method of the vulnerable line.

  • File: Brings the entire file that has the vulnerable line.

For these new features, configuration keys were added to the CxComponentConfiguration table in the CxSAST database.

  • To activate the Queries Details feature, set the AddQueryMetaDataToXmlReport configuration key to “true”.

  • To activate the Source Code feature, set the XmlReportSourceLinesRange configuration key to a number larger than 0.

HF16

Fixed an issue which prevented the name of the plugin, which triggered the scan, from being displayed in the ORIGIN column on the Scans page.

Fixed an error which prevented the results of full and incremental scans from merging together.

Fixed an issue which prevented downloading logs from the WebPortal when the location of the logs was changed from the default log location.

Fixed an issue which prevented the code contained in files with long path names from being displayed in the Results Viewer.

Fixed an issue where team-level query overrides are sometimes saved under incorrect teams.

Fixed an issue on the Projects page of the WebPortal which prevented items from being displayed in the "Shared Libraries" textbox in the OSA (Open Source Analysis) tab.

Fixed an issue which prevented the Post Scan Action from creating reports when the system was configured for LDAP environments.

Improved the Incremental scan flows mechanism so that the various possible incremental scan results are more consistent with the full scan results.

Fixed an issue which sporadically caused empty scan reports to be generated.

Fixed an issue which occurred when scanning zip files containing more than 65535 files.

Improved the Incremental scan flows mechanism so that incremental scan results are more consistent with the full scan results.

Improved the stability of the incremental scan process where several incremental scans are being triggered in parallel.

For security fixes, click this link for additional information.

HF15

Fixed an issue that occurred when scanning C# files, which involved the GetHoldByText method call, that prevented the scan flow and definition from being located and displayed.

Fixed an issue which resulted in the loss of the entire scan because of a single file timeout.

Fixed an issue that occurred when scanning JavaScript files, which caused the parsing process to time out, leading to the loss of many scan results.

Fixed an exception in the logs caused by a System.FormatException in the AST2DOM stage.

Improved the scan flow for supporting additional use cases.

HF14

Users moving to cloud hosted environments, without direct access to the CxSAST database, can now obtain information about project branching and deletion using CxSAST REST API calls.

The following additions are related to project branches:

  • The IS_BRANCHED attribute, for indicating if the project was branched from another project (the source/original project).

  • The ORIGINAL_PROJECT_ID attribute, with information about the source/original project. If IS_BRANCHED = False, the value for ORIGINAL_PROJECT_ID is NULL.

  • The BRANCHED_ON_SCAN_ID attribute, with information about the scan ID of the source project. If IS_BRANCHED = False, the value for BRANCHED_ON_SCAN_ID is NULL.

  • A list of related target projects, if the source/original project is the source of multiple branched projects.

The following additions are related to deleted projects:

  • The isDeprecated attribute enables the CxSAST REST API to retrieve deleted projects.

  • In the response body, the new "isDeprecated" field indicates if the project is deleted or not, where True means it is deleted and False means it is still active.

Fixed an issue in the LDAP Settings section of Access Control that prevented users from scrolling through the "Cx Role - LDAP Group DN" mapping entries list in the Advanced Role Mapping window.

To enable users to add single LDAP role mappings to existing sets of LDAP role mappings, a PATCH method was added to the LDAPRoleMappings Access Control REST API.

Fixed a comma-separated string issue that affected the Okta SAML (Security Assertion Markup Language) integration with Access Control. The issue prevented the IdP (Identity Providers) Authorization and Team Attribute Mapping feature from assigning users to multiple teams. Now it is possible to specify multiple team names, using comma separators, so that new users are automatically associated with multiple teams.

HF13

Fixed an issue that occurred when parsing PHP language code. Text with HTML tags containing single quote marks prevented the retrieval of the DOM (Document Object Model), which in turn caused the scan to fail.

Fixed an issue that caused some characters, which were typed by users into the scan comments, to be replaced by HTML encoded characters. In some cases, the HTML characters caused the Results Viewer page to lock.

Fixed an issue in Access Control that limited the User Manager to only being able to grant new users the User Manager role. Now the User Manager can grant new users one or more of the CxSAST roles that exist in the system, except for the Admin and Access Control Manager roles.

Fixed an issue in the Results Viewer which prevented the total number of active results from being immediately updated after some results are marked as "Not Exploitable".

Fixed an issue that caused a discrepancy between the CxEngine logs and the user interface (UI) status. The logs indicated that the scanning was completed, but the UI status indicated that the scanning was still in progress. The result was that the CxManager aborted the scan and the scan results were not saved.

Fixed an issue that caused the CxEngine service to respond abnormally slowly to system status API requests.

Scan results can be marked to indicate one of the following result states: “To Verify”, “Not Exploitable”, “Confirmed”, “Urgent” or “Proposed Not Exploitable”. In addition, custom result states can also be defined by the user. Previously, users only required permissions for marking scans as "Not Exploitable". Now dedicated permissions are requested for each result state, including the user-defined states.

For more information, see the updated Results Summary section in Navigating Scan Results (v9.3.0 and up), and the updated descriptions for the Results Updater and Results Verifier roles in CxSAST / CxOSA Roles and Permissions (v9.0.0 and up).

For details regarding how to create custom result states, see Adding Custom Result States.

Limitations:

  • This feature does not apply to OSA vulnerabilities. The behavior for OSA remains the same as before installing this Hotfix.

  • If the 'Manage Result State And Assignee' permission was checked before installing this Hotfix, after the Hotfix installation the result states permissions of the new roles will not be checked.

  • OSA restricted scans cannot be performed.

  • A new configuration key (AllowChangeExecutablesFolder) has been added to the CxSAST database that determines whether or not the destination folder can be changed. The configuration key can only be accessed by the CxSAST administrator.

  • Security fix, click this link for additional information.

HF12

Improved the ‘Find_Inputs’ Query to better handle security checks.

Fixed a bug which caused the scan engine to count the lines of code of text files.

Fixed a bug which in some cases caused scans using the multi-language mode to fail.

Fixed false negative SQL_injection results that occurred when scanning code from the MyBatis Java framework.

Fixed a bug which in some cases caused CxAudit to crash while parsing code from the Kotlin language.

Fixed a bug which caused results with single nodes to be ignored.

Improved the ‘APPLICATION_SECURITY’ Query to better handle security checks.

Fixed false positive DOM XSS results that occurred when scanning code from the Angular Web application framework.

Improved the recovery of scans in cases where the scan manager service crashes.

Fixed a bug which caused scans to abort because of security check failures, even though the queries for the security check are not part of the actual scans.

The query security configuration is now updated during installation and upgrading.

Added support for the global memory watchdog on Linux operating systems.

For security fixes, click this link for additional information.

HF11

Fixed the displayed scan result state in OData to be aligned with the Web Portal UI.

Triggering a new scan from the plugins will no longer require “create project” or “edit project” permissions.

Improved Engine stability when dealing with large scans.

Improved handling of multiple client connections.

Improved the queue mechanism to fix an issue that caused some scans to get stuck at 99% completion.

Fixed an issue where CxARM fails to connect to the DB after hotfix installation.

HF10

Fixed an issue that occurred when connecting SAST to the Azure DevOps repository using a PAT (Personal Access Token).

Fixed an issue where some URLs were overwritten during upgrades.

Fixed a problem related to the scan request.

Fixed the post scan action used with LDAP environments.

Improved data synchronization in High Availability (HA) mode.

An error message is now logged when an Incremental Scan fails due to a missing or invalid MethodMapping.zip file in the source file.

Fixed an error which caused some scans to fail.

Tomcat was replaced with Apache Tomcat version 8.5.64.

Made improvements in the Java (MyBatis framework) parser.

Fixed an error that caused some engines to get stuck in idle state while scans were waiting in queue.

Fixed an error message for the post scan action where scanning is performed via a Git repository.

Improved engine performance in the parsing stage.

Improved manager synchronization in High Availability (HA) mode.

Note: After the hotfix installation, CxARM might fail to connect to the DB. To resolve this, copy the contents of db.backup.properties file to the db.properties file and restart CxARM.

HF9

Some fixes in this Hotfix require CP16 (9.3). For more information, see Content Pack Version - CP.9.3.0.16034 (CSharp, VBNet).

Improved C# queries by fixing flows that did not go through a method declaration.

Several improvements in C# queries for better result accuracy.

Several improvements in Angular queries for better result accuracy.

Added a definition to the ESC function in Java.

An error message is now logged when an Incremental Scan fails due to a missing or invalid MethodMapping.zip file in the source file.

HF8

Improvements in JavaScript parsing support.

Improvements in TypeScript parsing support.

Improvements in APEX to support includeScript.

Improvements in APEX when importing components.

Fixed an error in CxAudit that prevented different users from overriding the same query on a project level.

Improvements in C++ support for macros and makefiles.

Fixed an error in the Linux engine to prevent an error when obtaining free space during a scan.

HF7

Fixed the Japanese translation for "Not Exploitable" and "Propose not exploitable" result states.

Customers that use SCA can now enable an SCA widget to replace the content of the existing OSA widget, so that it is possible to display CxSCA scan results in the summary page of CxSAST. For more information, see Displaying CxSCA Scan Results in CxSAST.

HF6

M&O: Fixed misalignment between the number of projects displayed in the header and the actual number of violated projects on the page.

Fixed an issue that caused the Git connection to fail when the password has special characters.

Fixed an issue that caused scan failure when Git projects are configured via API and UserName contains a '+' (plus sign) character.

Changed settings to allow viewing the number of private scans for projects according to the Teams hierarchy.

Fixed the displayed scan result state when similar scanned projects are deleted.

Changed settings to allow triggering scans for private projects according to the Teams hierarchy.

Changed settings to allow the Admin and regular users to view and scan private projects according to the Teams hierarchy.

Limitation: When an Admin is a member of a Team, the Admin user cannot view and scan the private projects of other members of the Team.

However, the Admin can view and scan the private projects of members of the child teams of that Team.

HF5

Fixed cases where the Results Service failed to start due to a problematic configuration in the Checkmarx path in the registry.

Fixed issues that prevented closing the Scan Summary page.

Corrected the name displayed for the scan schedule Initiator.

Improved performance of the Scan Manager stop/start actions.

Fixed an issue that prevents data retention from working due to failed scans in the selected date range.

Fixed an issue that prevents the engine scan folder from being deleted.

Fixed cases where the Results Service failed to start due to a missing SQL configuration in the host file.

Fixed an issue that caused the OSA Viewer to fail when M&O is not installed.

Improved the Scanned Languages description on the Scan Summary page when the scan returns zero findings.

HF4

Several improvements in Perl parsing support.

Improvements in AngularJS for preventing infinite loops during scanning.

Improvements in Ruby for preventing exceptions when line breaks are applied to object element definitions.

Implemented improvements in the Query Security mechanism.

Improved Apex language recognition in multi-language mode.

Updated CxPortal to comply with PCI DSS version 3.2.1.

HF3

  • This version introduces new and updated support for the latest versions of Apex, using the latest CxSAST engine technology.

  • To introduce query changes that work on top of this Hotfix, it is mandatory to install CP 12. For more information about the queries, see Content Pack Version - CP.9.3.0.12021.

  • The new APEX support includes a new flow calculation algorithm. When working with APEX and additional languages in the same project, the accuracy of the results for the additional languages might be slightly affected. To prevent these changes, you can split the projects between APEX and the rest of the languages, or disable the new flow algorithm. To learn how to disable the new flow, please contact support.

The following frameworks are now supported:

  • Visualforce Framework

  • Lightning and Lightning Component Framework

  • Metadata Files (XML files)

Updated support for the following frameworks (both created by Salesforce):

  • The Visualforce Framework includes a tag-based markup language, similar to HTML, and a set of server-side “standard controllers” that make basic database operations, such as queries and saves, very simple to perform.

  • The Lightning Component Framework (commonly called Lightning) is a UI framework for developing single page applications.

Additional fixes introduced in this HF:

Engine improvements to prevent unfinished scans when scanning Java projects with several XML files.

Improvements in log information, such as indicating in the scan log when large files, which exceed the maximum limit, are excluded from the scan.

Improvements in VUE.JS parsing support.

Implemented several COBOL improvements and support for MicroFocus extensions.

Several improvements have been made for Swift parsing.

Missing Japanese query descriptions have been added.

Improvements in the query hierarchy mechanism according to the teams.

Memory management improvements in JavaScript.

Improvements to incremental scans using ActiveMQ to prevent unfinished scans.

Implemented several improvements in the Query Security mechanism.

Improvements in the installer to fix installation directory locations when SAST is installed on a non-default drive.

Added support in ASP and PHP for files with .inc extension.

JavaScript scripts can now be recognized in .ASP files.

Improvements in C++, allowing the scans to complete successfully.

XML mapping improvements in MyBatis.

Improvements in type casting handling in VB6.

Improvements in JavaScript for Regex/ReDoS parsing.

Engine Improvements for preventing unfinished scans when matching regular expression patterns.

Added a new capability in CxAudit for easily extracting the source code related to a query. To enable it, please refer to the CxAudit Guide.

Improvements in log files to display the names of the queries that failed in the security check.

HF2

Note: HF2 is the first Hotfix for Version 9.3.0.

Fixed an issue that broke the link to the GIT integration, if the word 'git' was part of the URL.

Fixed misalignment in scan status in cases where the scan status still indicated “scanning” after the scan had already completed.

Fixed cases of misalignment between Access Control and CxSAST caused by a multiple hierarchy in the Teams tree.

Improved the response time for opening a Projects page containing a large number of projects.

Fixed situations where an Engine scan does not complete successfully but is shown as “Finished” in the Portal.

Performance improvements for loading large repositories in the CxSAST Portal.

The CxSAST Portal now displays Git branches in all languages.

Added the ability to duplicate a user from the UI.

The Access Control login page now supports logo and background customizations. For details about how to customize the login page, see Customizing the Access Control Web Interface (v2.1 and up).

You can now configure the Global Admin role to exclude the CxAudit permission. For more information, see Access Control Configuration Guide.

The User Manager role is now able to grant roles that it does not have itself. For more information, see Access Control Configuration Guide.

Improved the error message when a SAML user is unable to log in due to lack of permissions.

The Access Control API for GET Teams (GET /Teams) now returns a new attribute which is the "CreationDate" for each team:

Passwords entered manually in the connection strings (in the DbConnectionString.config file) were not encrypted.

Security fixes, refer to https://checkmarx.force.com/CheckmarxCustomerServiceCommunity/s/article/Checkmarx-Security-Updates for additional information.
