Summary: CAST AIP 8.3.27 introduces a number of features and changes as listed below. To view the impacts of these changes on analysis results, see: Changes in results post upgrade
CAST Storage Service backup and restore tools
A change has been made to the CSSBackup.exe and CSSBackupAll.exe tools provided with CAST AIP to enlarge compatibility and exchangeability with target server versions. As such, schema backups created with CSSBackup/CSSBackupAll included in 8.3.27 (and any higher 8.3 service pack) should only be restored with CSSRestore/CSSRestoreAll included in 8.3.27 (and any higher 8.3 service pack).
CAST Extension Downloader
The URL used to connect to CAST Extend has been changed by default to https://extend.castsoftware.com.
User Input Security
- The automatic blackboxing action will now identify as database targets all methods beginning with (previously only Find or find were considered as targets):
- Find(
- FindRow(
- FindRows(
- FindColumn(
- FindColumns(
- Support (predefined methods) has been added for the GWT (Google Web Kit) framework.
- Sanitization methods for the NpgSql framework for JEE are now supported.
- The rule 8518 - Avoid regular expression injection has been implemented for JEE technologies. Previously this rule only functioned on .NET technologies.