Content matrix

Version	Summary of content	Comments
1.28.9-funcrel	Bug fixes	Can be used with: ≥ 8.3.3
1.28.8-funcrel	Bug fix to resolve issue with login for non admin users in 1.28.6 and 1.28.7 Bug fix to resolve two CVE vulnerabilities found in CAST Dashboards, for CVE-2022-23457. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23457
1.28.7-funcrel	Bug fix to resolve CVE vulnerabilities found in CAST Dashboards, for CVE-2022-22965 and CVE-2022-21724 for OWASP
1.28.6-funcrel	Bug fix to resolve issue with user authorization
1.28.5-funcrel	Bug fix to resolve CVE vulnerabilities found in CAST Dashboards, for Apache Log4j: CVE-2021-45105 and CVE-2021-44832
1.28.4-funcrel	Bug fix to resolve two CVE vulnerabilities found in CAST Dashboards, for Apache Log4j: CVE-2021-44228 and CVE-2021-45046.
1.28.3-funcrel	Bug fixes
1.28.2-funcrel	Bug fixes
1.28.1-funcrel	Bug fixes
1.28.0-funcrel	Bug fixes

1.28.9-funcrel

Customer Ticket Id	Details
36807	Error running Datamart process - Encountered error while running Datamart.
36651	SAML authentication is not working in recent version of Dashboard.

Customer Ticket Id	Details
35627	Security Dashboard login for non admin users is not working in 1.28.6 and 1.28.7
36321	All rules of an application are not extracted.

Internal Id	Details
DASHBOARDS-4518	A fixed has been applied to all Dashboards/RestAPI to close the vulnerability, also known as Spring4Shell, described in CVE-2022-22965. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965 and https://doc.castsoftware.com/display/CAST/Spring+Framework+-+CVE+vulnerabilities.
DASHBOARDS-4515	A fix has been applied to all Dashboards/RestAPI all Dashboards/RestAPI (upgrade of embedded PostgreSQL driver 42.2.18 to 43.3.3) to close the vulnerability described in CVE-2022-21724. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21724.

Customer Ticket Id	Details
35030	Fixed a nullpointerException popup that appeared erroneously when logging in to the dashboard.

Customer Ticket Id	Details
34067	Issue with user authorization in Security Dashboard.

Internal Id	Details
DASHBOARDS-1764	Impacted transaction section is not loading for some transactions.
DASHBOARDS-4264	Update Log4j version to 2.17.0 for 1.x and 2.4.4 branch for CVE-2021-45105. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105 and https://doc.castsoftware.com/display/CAST/Apache+Log4j+-+CVE+vulnerabilities (CAST documentation).
DASHBOARDS-4306	Update Log4j version to 2.17.1 for 1.x branch.

Customer Ticket Id	Details
33265	Fixed an issue where "Advanced search" is not working when transactions are filtered based on health factor.

Internal Id	Details
DASHBOARDS-4238	Upgrade Log4j to v 2.16 to resolve CVE-2021-44228 and CVE-2021-45046. Refer: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 and https://doc.castsoftware.com/display/CAST/Apache+Log4j+-+CVE-2021-44228 (CAST documentation).

Customer Ticket Id	Details
33202	Error while running data mart.

Internal Id	Details
DASHBOARDS-4096	Adjustment factor's detail values are rounded incorrectly.

Internal Id	Details
DASHBOARDS-3909	DATAMART: Fix USR_EXCLUSIONS extraction.
DASHBOARDS-3908	DATAMART: Optimize app-findings-measures extraction.
DASHBOARDS-3884	Console errors with Advanced search selection tables sorting.

Internal Id	Details
DASHBOARDS-3304	Comment list is not filtered based on 'Security'.
DASHBOARDS-3728	SD user admin page is showing wrong tab icon.
DASHBOARDS-3685	Sorting in react tables not working when the strings are mixed with lower and upper case.

Customer Ticket Id	Details
30998	Violations not appearing in Advance search page in Security Dashboard.
30903	Data is not displaying in the report section of dashboard at first time of report type selection.
28825	Out of Date Plugins in Security Dashboard.