Skip to main content

Release 4.15.1 - 11-05-2023

rules
  • Updated

Features

  • [ARCH-629] - New health endpoint verifies database status.
  • [DRA-984] - New API endpoint to fetch template artifacts.
  • [DRA-1004] - APO V2 endpoints now use project reference UUIDs.
  • [DRA-1012] - Unsaved changes icon now shown in the project's grid for new project.
  • [DRA-1021] - Add UUID project column is now in the project-by-group and project-by-user views.
  • [MSR-970] - Applied schema validation on libraries imported by XML.
  • [RT-753] - Template source name or identifier now shown on Threats/Countermeasures.
  • [RT-945] - Swapped the direction of the issue link in Jira.
  • [RT-898] - Bulk update for Threats Issue Tracker configuration.
  • [RT-899] - Bulk update for Countermeasure Issue Tracker Configuration.

Bug Fixes

  • [DRA-992] - Fixed GET /products endpoints accepting non-acceptable values.
  • [DRA-1035] - Fixed some issues when restoring a diagram.
  • [MSR-1052] - Fixed an error updating a non-existing object and missing documentation.
  • [SIN-1039] - Fixed issues when modifying user information.
  • [RT-888] - "Add threat" button is fixed when some exception raises.
  • [RT-976] - Update the issue id when it has been moved to another project.

Security fixes

  • [ARCH-652] - Fixed third-party vulnerabilities.

API Changes

New Knowledge-base Content

Cloud components:

  • [CON-1485, CON-1514 & CON-1515]: New Azure components

    • Azure Mobile Apps 

    • Azure API Apps

    • Azure App Service

    • Azure Elasticsearch

    • Azure Automation

    • Azure Media Services

    • Azure Managed Resource Groups

    • Azure Data Share

    • Azure File Sync

    • Azure Office 365

  • [CON-1524 & CON-1528]: New AWS components:

    • AWS CodeArtifact

    • AWS Console Mobile Application

    • AWS Timestream

    • AWS Transit Gateway

    • AWS Location Service

    • AWS ParallelCluster

Security standards:

  • [CON-1508]: Updated CIS Google Cloud Platform Foundations Benchmark to 2.0.0.

  • [CON-1509]: Updated CIS Microsoft Azure Foundations Benchmark to 2.0.0.

Content Updates:

  • [CON-1544]: Added a threat about VM escape and Admin escape for Virtual machine components.

  • [CON-1552]: New functional components:

    • Access Token

    • Administration interface

    • JSON processing service

    • JWT token

    • Private signature key

    • Session identifier

    • Subdomain DNS-entry configuration

    • URL Redirection

    • WYSIWYG editor

    • XML processing

    • XPATH query

  • [CON-1556]: Fixed FedRAMP description. Now it indicates that the requirements come from NIST 800-53.

  • [CON-1554]: Fixed OpenID rules that were not including the right risk pattern.

  • [CON-1557]: Updated some countermeasures about the deprecated X-XSS-Protection and X-Frame-Options headers.

Related articles

Comments

0 comments

Article is closed for comments.

Powered by Zendesk