- [IR-4890] - New conditions have been added to the data flow rules to check if a risk pattern has been imported in the destination or origin
- [IR-4941] - New condition has been added to the DataFlow component of the Rules Engine to check that the origin/destination Trustzone is not a particular Trustzone.
- [IR-4987] - New permission PRODUCT_COMPONENT_SETTINGS_UPDATE created. Required to edit the settings of a project or any of its components.
- [IR-5068] - Default libraries have been made read-only.
- [IR-5081] - When exporting Countermeasures to an XLS, the description has been added.
- [IR-5259] - Re-naming of Question nomenclature to make it easier to understand.
- [IR-4726] - Fixed a problem when pasting the image on the diagram the image is duplicated and the generated artifact doesn't contain the image.
- [IR-4990] - Fixed some issues when export libraries.
- [IR-4810] - Fixed performance issue applying a template to products.
- [IR-5161] - Diagram historic artifacts show one component not synchronized.
- [IR-5166] - Fixed allow to update UDT for Threat/Control/Test only for libraries.
- [IR-5217] - Fixed Sync button not updated after the sync if reload the browser.
- [IR-5235] - Fixed ThreadFixRestClient Bean instantiation error.
- [IR-5240] - Fixed do not take into account disabled libraries in risk pattern ref validation.
- [IR-5245] - Fixed issue migrating from 3.3.3 to 3.4.0 only in some rare scenarios.
- [IR-5246] - Fixed users should be allowed to enable/disable default libraries.
- [IR-5254] - Remove the settings option in the template & libraries menu.
- [IR-5288] - Fixed user cannot login again if has logged out.
- [IR-5291] - Fixed cannot edit templates description after selecting the default library.
- [IR-5305] - Fixed default UDT values don't being filled for new Threats
- [IR-5313] - Fixed when adding several tags to a dataflow in one time, not all of them were created.
- [IR-5314] - Fixed an error in rules execution when a rule is deleted.
- [IR-5315] - Fixed an error in rules execution with two dataflows with the same destination.
- [IR-5322] - Fixed threat UDT's does not appear on Threats popup.
- [IR-5332] - Fixed display settings option in the Templates action menu.
- [IR-5346] - Fixed reload Trustzones after import a project.
- [IR-5347] - Fixed not enough permission to update the general setting.
Hot Fixes included
This is also a cumulative release that also includes all the hotfixes on the 3.4 version:
New Knowledge-base Content
- [CON-169] - Added new cloud and network risk-patterns to the IoT Library (iot-security-compliance-framework).
- [CON-473] - OAuth2 Authorization Server (CS-Default library).
- [CON-473] - OAuth2 Resource Server (CS-Default library).
- [CON-473] - OAuth2 Client Application (CS-Default library).
- [CON-586] - UNECE WP.29 Cybersecurity Regulation (CSMS) library (unece-wp-29-csms).
- [CON-593] - We've increased the revision number for all the default libraries to force their update in relation to the change to make default libraries read-only after the 3.5.0 release (IR-5068). This will have no impact from a user perspective.