Release Notes - 2.1

2.1.2-funcrel

Enhancement/Improvements

Customer Ticket Id	Customer Details
54137	Fixes a harmless traceback due to a bug in old versions of com.castsoftware.jee. No impact on results.

2.1.1-funcrel

Fixes/Bugs

Customer Ticket Id	Customer Details
	Improve scope of rule: 1039116 - "Ensure setting origins when using @CrossOrigin Spring annotation".

Enhancement/Improvements

Customer Ticket Id	Customer Details
	Fixes a harmless traceback due to a bug in old versions of com.castsoftware.jee. No impact on results.

2.1.0-funcrel

Enhancement/Improvements

Customer Ticket Id	Customer Details
	Security rules evaluation engine has been updated to provide better/accurate results
	Updates embedded libraries.

2.1.0-beta1

Fixes/Bugs

Customer Ticket Id	Customer Details
	Improve accuracy of rule 1039044 "Avoid usage of BannedAPI when using ESAPI library".
	Improve accuracy of rule 1039046 "Always use {@code} to wrap code statements or values such as null".
	Improve accuracy of rules 1039018 "Avoid using cryptography hash with predictable salt (JEE)" and 1039022 "Avoid using Insecure PBE Iteration Count".

Enhancement/Improvements

Customer Ticket Id	Customer Details
	Updated internal librairies. No impact on results.
	Workaround for a bug in internal library. No impact on results.
	Workaround for a bug in old versions of JEE Analyzer which produced an harmless Traceback. No impact on results.

2.1.0-alpha1

Rules

Rule Id	New Rule	Details
1039120	TRUE	Avoid weak password requirements (JEE)
1039118	TRUE	Avoid enabling directory listing (JEE)
1039116	TRUE	Ensure setting origins when using @CrossOrigin Spring annotation
1039114	TRUE	Avoid predictable initialization vector (JEE)
1039112	TRUE	Avoid mutable fields inside a class with JCIP @Immutable annotation
1039110	TRUE	Ensure initializing cryptographic key generators (JEE)