Skip to main content

JobScheduler, JOC Cockpit & YADE Version 1.12.12 released

Submitted by ap on Tue, 02/04/2020 - 23:46
News Date and Time
Feb 04 2020 06:00

We are pleased to announce the 1.12.12 release of the JobScheduler, JOC Cockpit and YADE

This release includes fixes for vulnerabilities and bugs of previous releases 1.12. and brings minor new features to JobScheduler, the JOC Cockpit and YADE.

Features

  • JITL-589: JITL Jobs, JobScheduler Plugins and JOC Cockpit should support use of a Credential Store 
  • JITL-587: SOS Hibernate Managed Database Job should make use of Credential Store
  • JITL-588: SOS PLSQL Database Job should support use of a Credential Store

Fixes

Vulnerabilities

  • JOC-854 Cross-Site Scripting (XSS) Vulnerability allows to inject HTML and script code to REST API calls (CVE-2020-6854)
  • JOC-853 XML eXternal Entity (XXE) Vulnerability allows to read files from the server (CVE-2020-6856)
  • JITL-590 Denial of Service (DOS) Vulnerability allows to exhaust resources when calculating the daily plan (CVE-2020-6855)
  • JS-1869 Update use of log4j to log4j2 due to vulnerability issue in log4j (CVE-2019-17571)

 

See the Release Notes for a detailed list of the features and bug-fixes.

Important

Please also take note of our Change Management information.

Download the JobScheduler and JOC Cockpit:

Download YADE: