The cumulative change log for version 3.x releases is shown below. To view the change log for 2.x releases refer to the latest version 2.x Release Notes.
Version 3.1.14 - 27 Sep 2023
Problems Corrected
-
-
Update OpenSSL to version 3.1.2 to mitigate security vulnerabilities.
-
Update libxml2 to version 2.10.4 to mitigate security vulnerabilities.
-
Version 3.1.12 - 27 Mar 2022
Problems Corrected
-
-
Update OpenSSL to version 1.1.1t to mitigate security vulnerabilities.
-
Update Apache APR to version 1.7.2 to mitigate security vulnerabilities.
-
Update Apache APR-UTIL to version 1.6.3 to mitigate security vulnerabilities.
-
Improvements
-
-
Added VFSMGR certexport-pkcs12 feature to export the server certificate in PKCS12 format.
-
Version 3.1.11 - 21 Mar 2022
Improvements
-
-
Update to OpenSSL 1.1.1n to mitigate CVE-2022-0778.
-
Version 3.1.10 - 27 Sep 2021
Problems Corrected
-
-
SOAPAM abends when ip address restriction list is longer than 1024
-
Improvements
-
-
Upgrade to OpenSSL 1.1.1l
-
Version 3.1.9 - 27 Mar 2021
Problems Corrected
[SOAP-1080] - Certificate installation page returns 403 forbidden error
Improvements
Upgrade to OpenSSL 1.1.1k.
Version 3.1.8 - 26 AUG 2020
Problems Corrected
[SOAP-1022] - SOAPAM process enters I/O retry loop when the TCPIP provider returns a device down error (66)
[SOAP-1054] - SDF wizard is vulnerable to XML external & internal entity expansion
New Features
[SOAP-1017] - Add startup options to disable individual TLS protocols
[SOAP-1018] - Upgrade to OpenSSL 1.1.1 with TLS 1.3 support
[SOAP-1055] - Upgrade jQuery to v3.5.1
[SOAP-1067] - Implemented XSRF protection in Control Panel forms
Version 3.1.7 - 26 FEB 2020
Problems Corrected
[SOAP-1010] - SOAP responses use prefixes (qualified namespaces) where previous versions used default namespace
[SOAP-1021] - SERVER Control Panel jQuery 3.3.1 vulnerability
[SOAP-1031] - Several VFSMGR options are omitted in the online documentation
[SOAP-1045] - Cosmetic issue with user edit confirm password field
New Features
[SOAP-1024] - Upgrade to OpenSSL 1.0.2t
Version 3.1.6 - 25FEB2019
Problems Corrected
[SOAP-993] - Upgrade to Bootstrap 3.4.1 to resolve Control Panel security vulnerabilities
[SOAP-994] - Upgrade to jQuery 3.3.1 to resolve Control Panel security vulnerabilities
[SOAP-1002] - Add X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, to Control Panel responses to resolve security vulnerabilities
New Features
None
Version 3.1.5 - 28NOV2018
Problems Corrected
[SOAP-982] - Anonymous filler injection behavior for arrays is not compatible with previous releases (introduced in 3.1.4)
New Features
None
Version 3.1.4 - 29AUG2018
Problems Corrected
[SOAP-941] - SOAPAM abends when malformed SDF wizard form request is received
[SOAP-943] - SOAPAM may abend during stats log rollover, when multiple processes are writing to the same log file
[SOAP-945] - SOAPAM abends when malformed authentication header is received.
[SOAP-947] - Stats reset-interval is not calculated correctly if the interval is greater than 36 minutes
[SOAP-948] - STATS file rollover silently fails if the file specification matches the rollover file name pattern
[SOAP-951] - Stats reset does not flush stored statistics before resetting.
[SOAP-959] - Documentation response sample is incorrect when parameter style is bare
[SOAP-960] - SOAPAM abends when a method uses passthrough and the payload does not contain valid XML
[SOAP-969] - Deadlock occurs during STATS file rollover
New Features
[SOAP-899] - Upgrade File System Browser to v5
[SOAP-952] - Stats interval and reset intervals now accept CRON expressions
[SOAP-956] - Added SNI support to SOAPAMCP
[SOAP-958] - Add startup option to disable TLS v1.0
[SOAP-974] - Update to OpenSSL 1.0.2o
Version 3.1.3 - 11AUG2017
Problems Corrected
[SOAP-888] - Server Status page breadcrumb does not match page title
[SOAP-890] - VFSMGR help for -create user refers to non-existent "-setgroup" command
[SOAP-905] - Invalid HTML produced for Service Catalog method documentation.
[SOAP-922] - SOAPAM DDL refresh does not update the maxReplySize attribute of server elements.
[SOAP-926] - SOAPAM abends after invalid diagnostic config log is created.
[SOAP-927] - ICU data file not found if not located in the current subvol (L-series only)
[SOAP-930] - File System Browser opens the wrong file after files are sorted by name.
[SOAP-896] - SOAPAM deserializer treats comment as empty array element.
[SOAP-936] - Add support for strict-transport-security header
[SOAP-940] - Poor performance when serializing messages with large arrays of structures
[SOAP-927] - ICU data file not found if not located in the current subvol (L-series only)
New Features
[SOAP-935] - Upgrade to OpenSSL 1.0.2k
Version 3.1.2 - 26OCT2016
Problems Corrected
[SOAP-906] - Method documentation response message is truncated in IE11/Edge
[SOAP-891] - Statistics are not collected for methods that use SOAP payload passthrough.
[SOAP-910] - File system browser shows mobile view in IE 11 on Windows 10
[SOAP-891] - Statistics are not collected for methods that use SOAP payload passthrough.
New Features
[SOAP-909] - Update to OpenSSL 1.0.2j
Version 3.1.1 - 20AUG2015
Problems Corrected
[SOAP-858] - SOAPAM abends if an unexpected message arrives on $RECEIVE
[SOAP-863] - SDF Wizard may create an SDF file with line lengths exceeding Guardian edit file limit
[SOAP-864] - VFSMGR -get file command adds duplicate line terminators to edit files.
New Features
[SOAP-855] - Add support for NonStop X
[SOAP-865] - Update to OpenSSL 1.0.1p
Version 3.1.0 - 06APR2015
Problems Corrected
[SOAP-708] - SOAPAM may abend if UI handler hooks a page with no script tag.
[SOAP-710] - A malformed GET request may cause a server abend.
[SOAP-826] - Server VFS clean process performs begin/abort transaction unnecessarily when there are no VFS records to clean.
[SOAP-832] - Certificate renewal does not handle blank certificate fields correctly.
[SOAP-844] - Wizard string padding selection does not work on Firefox 35 browser.
[SOAP-847] - Stats configuration loader interprets missing [stats] section as invalid configuration file.
[SOAP-848] - User management allows addition of duplicate users.
[SOAP-854] - Wizard reports Unmapped error: errorMap['literal'] = 'undefined' on dictionary refresh error.
New Features
[SOAP-800] - Integrate Server Control Panel with new documentation platform
[SOAP-802] - Rebrand SOAP/AM to SOAPam
[SOAP-804] - Integrate Virtual File System browser into Control Panel
[SOAP-805] - Improve digest authentication algorithm
[SOAP-806] - Improve Service Catalog / Documentation / Diagnostics navigation
[SOAP-811] - Disable SSLv3 by default and allow command line option -SSLALLOWV3 to re-enable.
[SOAP-824] - Implement SSL/TLS forward secrecy.
[SOAP-825] - Mitigate SSL/TLS Secure Client-Initiated Renegotiation DOS attack vulnerability.
[SOAP-835] - Allow automatic disable of diagnostic logging after time limit.
[SOAP-767] - Allow HTTP Server header to be turned off.
[SOAP-781] - Allow SOAP envelope elements to be exchanged with the application server.
[SOAP-792] - Add endpoint mapping feature.
[SOAP-797] - Add support for unwrapped arrays.
[SOAP-833] - Add the pem format certificate to certificate displays.
[SOAP-853] - Upgrade to OpenSSL 1.0.1m.
Version 3.0.5 - 20AUG2015
Problems Corrected
[SOAP-827] - Server may abend if client disconnects while server I/O is outstanding.
[SOAP-854] - Wizard reports Unmapped error: errorMap['literal'] = 'undefined' on dictionary refresh error.
[SOAP-858] - SOAPAM abends if an unexpected message arrives on $RECEIVE
[SOAP-863] - SDF Wizard may create an SDF file with line lengths exceeding Guardian edit file limit
[SOAP-864] - VFSMGR -get file command adds duplicate line terminators to edit files.
New Features
[SOAP-865] - Update to OpenSSL 1.0.1p
[SOAP-876] - Update CAROOT file.
Version 3.0.4 - 27OCT2014
Problems Corrected
[SOAP-768] - Table headers on documentation page are ordered incorrectly
[SOAP-777] - Selecting wizard option "Expose numerics with zero scale as integers" has no effect.
[SOAP-782] - Method name is incorrectly aligned on the service documentation display page.
[SOAP-786] - Methods with in/out parameters are not displayed correctly on method documentation page.
[SOAP-793] - 64 bit integers are not formatted correctly in JSON responses.
[SOAP-795] - Nil response parameters are not correctly namespace qualified.
[SOAP-799] - Diagnostic logging silently fails if the logs/diagnostics folder is deleted
[SOAP-812] - PROPFIND method returns incorrect resource HREFs when server is behind a NAT firewall
New Features
[SOAP-807] - Update to OpenSSL 1.0.1j
Version 3.0.3 - 10APR2014
Problems Corrected
[SOAP-719] - Deserialization/serialization errors are not reported properly in SOAP faults.
[SOAP-746] - Server fails PCI scan with CVE-2011-3389 (BEAST) vulnerability.
[SOAP-748] - Control Panel throws javascript errors in IE 8.
[SOAP-750] - Control Panel File System Lock setting does not work.
[SOAP-751] - Control Panel SOAP/AM Client documentation link is incorrect in release 3.0.1.
[SOAP-752] - Request URI is not parsed correctly when it contains leading double forward slashes.
[SOAP-762] - Server may abend when accessing obsolete 2.x documentation stored in the VFS.
New Features
[SOAP-753] - Update TNS/E version to OpenSSL 1.0.1g.
[SOAP-759] - Update TNS/R version to OpenSSL 0.9.8y.
[SOAP-761] - Add certificate and keystore export/import to VFSMGR.
Version 3.0.1 - 19DEC2013
Problems Corrected
[SOAP-709] - SOAPAM process opens stdfiles, which prevents the backup process from starting.
[SOAP-713] - The third party license link in the Control Panel footer is incorrect.
[SOAP-734] - Clicking apply on folder properties / connection tab return HTTP 400
New Features
[SOAP-714] - Support associative array serialization in JSON responses.
Version 3.0.0 - 31MAY2013
Problems Corrected
None
New Features
[SOAP-385] - Add support for Pathway large messages.
[SOAP-451] - Allow element default values to be set from type element "value" attribute.
[SOAP-452] - Make requestMsg/replyMsg element generated by Wizard optional.
[SOAP-511] - Allow diagnostic logging to be disabled at the server level.
[SOAP-516] - Enhance xml display for wizard SDF display and soap sample
[SOAP-522] - Improve diagnostic log configuration page
[SOAP-560] - Add certificate chain to SOAPAMCP message dump.
[SOAP-579] - Provide support in SOAPAM for 2048 bit keys and certificate chains.
[SOAP-609] - Move documentation from VFS to web based content delivery system.
[SOAP-681] - Control Panel facelift.
[SOAP-689] - Add support for DDL2 dictionaries.