This documentation is not maintained. Please refer to to find the latest updates.

On this page:

Summary: This document provides information about changes and new features introduced in this release.

Resolved issues in this release

The following issues have been fixed in this release of the Security for Java extension:

Internal IDCall IDSummaryImpacts?
SECJAVA-213288Test case for OS Command injection Dataflow have 12 false negative - String[] invalid CASTIL generationThe bug is now fixed and the missing flaws are now correctly detected.
SECJAVA-22-Change the memory heap size requirement to 4GBThe extension will now be able to use more heap memory, therefore improving performance. There is no impact to existing results.
SECJAVA-23-Generation of CASTIL in blocks - split - by modular approachInside a project.xml, sometimes, there are several projects. The Security for Java extension will now create CASTIL files for each project, instead of creating CASTIL files when the analysis of all projects in finished. As a result, the extension will use less memory. There is no impact to existing results.
SECJAVA_28-Identified Flaws not reflecting in Dashboard - GUID error with primitive types.Flaws identified during the analysis should now be fully visible in the CAST dashboards.