Cumulative Change Log
The cumulative change log for version 3.x releases is shown below. To view the change log for 2.x releases refer to the latest version 2.x Release Notes.
Version 3.1.14 - 27 Sep 2023
Problems Corrected
- Update OpenSSL to version 3.1.2 to mitigate security vulnerabilities.
- Update libxml2 to version 2.10.4 to mitigate security vulnerabilities.
Version 3.1.12 - 27 Mar 2022
Problems Corrected
- Update OpenSSL to version 1.1.1t to mitigate security vulnerabilities.
- Update Apache APR to version 1.7.2 to mitigate security vulnerabilities.
- Update Apache APR-UTIL to version 1.6.3 to mitigate security vulnerabilities.
Improvements
- Added VFSMGR certexport-pkcs12 feature to export the server certificate in PKCS12 format.
Version 3.1.11 - 21 Mar 2022
Improvements
- Update to OpenSSL 1.1.1n to mitigate CVE-2022-0778.
Version 3.1.10 - 27 Sep 2021
Problems Corrected
- SOAPAM abends when ip address restriction list is longer than 1024
Improvements
- Upgrade to OpenSSL 1.1.1l
Version 3.1.9 - 27 Mar 2021
Problems Corrected
[SOAP-1080] - Certificate installation page returns 403 forbidden error
Improvements
Upgrade to OpenSSL 1.1.1k.
Version 3.1.8 - 26 AUG 2020
Problems Corrected
[SOAP-1022] - SOAPAM process enters I/O retry loop when the TCPIP provider returns a device down error (66)
[SOAP-1054] - SDF wizard is vulnerable to XML external & internal entity expansion
New Features
[SOAP-1017] - Add startup options to disable individual TLS protocols
[SOAP-1018] - Upgrade to OpenSSL 1.1.1 with TLS 1.3 support
[SOAP-1055] - Upgrade jQuery to v3.5.1
[SOAP-1067] - Implemented XSRF protection in Control Panel forms
Version 3.1.7 - 26 FEB 2020
Problems Corrected
[SOAP-1010] - SOAP responses use prefixes (qualified namespaces) where previous versions used default namespace
[SOAP-1021] - SERVER Control Panel jQuery 3.3.1 vulnerability
[SOAP-1031] - Several VFSMGR options are omitted in the online documentation
[SOAP-1045] - Cosmetic issue with user edit confirm password field
New Features
[SOAP-1024] - Upgrade to OpenSSL 1.0.2t
Version 3.1.6 - 25FEB2019
Problems Corrected
[SOAP-993] - Upgrade to Bootstrap 3.4.1 to resolve Control Panel security vulnerabilities
[SOAP-994] - Upgrade to jQuery 3.3.1 to resolve Control Panel security vulnerabilities
[SOAP-1002] - Add X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, to Control Panel responses to resolve security vulnerabilities
New Features
None
Version 3.1.5 - 28NOV2018
Problems Corrected
[SOAP-982] - Anonymous filler injection behavior for arrays is not compatible with previous releases (introduced in 3.1.4)
New Features
None
Version 3.1.4 - 29AUG2018
Problems Corrected
[SOAP-941] - SOAPAM abends when malformed SDF wizard form request is received
[SOAP-943] - SOAPAM may abend during stats log rollover, when multiple processes are writing to the same log file
[SOAP-945] - SOAPAM abends when malformed authentication header is received.
[SOAP-947] - Stats reset-interval is not calculated correctly if the interval is greater than 36 minutes
[SOAP-948] - STATS file rollover silently fails if the file specification matches the rollover file name pattern
[SOAP-951] - Stats reset does not flush stored statistics before resetting.
[SOAP-959] - Documentation response sample is incorrect when parameter style is bare
[SOAP-960] - SOAPAM abends when a method uses passthrough and the payload does not contain valid XML
[SOAP-969] - Deadlock occurs during STATS file rollover
New Features
[SOAP-899] - Upgrade File System Browser to v5
[SOAP-952] - Stats interval and reset intervals now accept CRON expressions
[SOAP-956] - Added SNI support to SOAPAMCP
[SOAP-958] - Add startup option to disable TLS v1.0
[SOAP-974] - Update to OpenSSL 1.0.2o
Version 3.1.3 - 11AUG2017
Problems Corrected
[SOAP-888] - Server Status page breadcrumb does not match page title
[SOAP-890] - VFSMGR help for -create user refers to non-existent "-setgroup" command
[SOAP-905] - Invalid HTML produced for Service Catalog method documentation.
[SOAP-922] - SOAPAM DDL refresh does not update the maxReplySize attribute of server elements.
[SOAP-926] - SOAPAM abends after invalid diagnostic config log is created.
[SOAP-927] - ICU data file not found if not located in the current subvol (L-series only)
[SOAP-930] - File System Browser opens the wrong file after files are sorted by name.
[SOAP-896] - SOAPAM deserializer treats comment as empty array element.
[SOAP-936] - Add support for strict-transport-security header
[SOAP-940] - Poor performance when serializing messages with large arrays of structures
[SOAP-927] - ICU data file not found if not located in the current subvol (L-series only)
New Features
[SOAP-935] - Upgrade to OpenSSL 1.0.2k
Version 3.1.2 - 26OCT2016
Problems Corrected
[SOAP-906] - Method documentation response message is truncated in IE11/Edge
[SOAP-891] - Statistics are not collected for methods that use SOAP payload passthrough.
[SOAP-910] - File system browser shows mobile view in IE 11 on Windows 10
[SOAP-891] - Statistics are not collected for methods that use SOAP payload passthrough.
New Features
[SOAP-909] - Update to OpenSSL 1.0.2j
Version 3.1.1 - 20AUG2015
Problems Corrected
[SOAP-858] - SOAPAM abends if an unexpected message arrives on $RECEIVE
[SOAP-863] - SDF Wizard may create an SDF file with line lengths exceeding Guardian edit file limit
[SOAP-864] - VFSMGR -get file command adds duplicate line terminators to edit files.
New Features
[SOAP-855] - Add support for NonStop X
[SOAP-865] - Update to OpenSSL 1.0.1p
Version 3.1.0 - 06APR2015
Problems Corrected
[SOAP-708] - SOAPAM may abend if UI handler hooks a page with no script tag.
[SOAP-710] - A malformed GET request may cause a server abend.
[SOAP-826] - Server VFS clean process performs begin/abort transaction unnecessarily when there are no VFS records to clean.
[SOAP-832] - Certificate renewal does not handle blank certificate fields correctly.
[SOAP-844] - Wizard string padding selection does not work on Firefox 35 browser.
[SOAP-847] - Stats configuration loader interprets missing [stats] section as invalid configuration file.
[SOAP-848] - User management allows addition of duplicate users.
[SOAP-854] - Wizard reports Unmapped error: errorMap['literal'] = 'undefined' on dictionary refresh error.
New Features
[SOAP-800] - Integrate Server Control Panel with new documentation platform
[SOAP-802] - Rebrand SOAP/AM to SOAPam
[SOAP-804] - Integrate Virtual File System browser into Control Panel
[SOAP-805] - Improve digest authentication algorithm
[SOAP-806] - Improve Service Catalog / Documentation / Diagnostics navigation
[SOAP-811] - Disable SSLv3 by default and allow command line option -SSLALLOWV3 to re-enable.
[SOAP-824] - Implement SSL/TLS forward secrecy.
[SOAP-825] - Mitigate SSL/TLS Secure Client-Initiated Renegotiation DOS attack vulnerability.
[SOAP-835] - Allow automatic disable of diagnostic logging after time limit.
[SOAP-767] - Allow HTTP Server header to be turned off.
[SOAP-781] - Allow SOAP envelope elements to be exchanged with the application server.
[SOAP-792] - Add endpoint mapping feature.
[SOAP-797] - Add support for unwrapped arrays.
[SOAP-833] - Add the pem format certificate to certificate displays.
[SOAP-853] - Upgrade to OpenSSL 1.0.1m.
Version 3.0.5 - 20AUG2015
Problems Corrected
[SOAP-827] - Server may abend if client disconnects while server I/O is outstanding.
[SOAP-854] - Wizard reports Unmapped error: errorMap['literal'] = 'undefined' on dictionary refresh error.
[SOAP-858] - SOAPAM abends if an unexpected message arrives on $RECEIVE
[SOAP-863] - SDF Wizard may create an SDF file with line lengths exceeding Guardian edit file limit
[SOAP-864] - VFSMGR -get file command adds duplicate line terminators to edit files.
New Features
[SOAP-865] - Update to OpenSSL 1.0.1p
[SOAP-876] - Update CAROOT file.
Version 3.0.4 - 27OCT2014
Problems Corrected
[SOAP-768] - Table headers on documentation page are ordered incorrectly
[SOAP-777] - Selecting wizard option "Expose numerics with zero scale as integers" has no effect.
[SOAP-782] - Method name is incorrectly aligned on the service documentation display page.
[SOAP-786] - Methods with in/out parameters are not displayed correctly on method documentation page.
[SOAP-793] - 64 bit integers are not formatted correctly in JSON responses.
[SOAP-795] - Nil response parameters are not correctly namespace qualified.
[SOAP-799] - Diagnostic logging silently fails if the logs/diagnostics folder is deleted
[SOAP-812] - PROPFIND method returns incorrect resource HREFs when server is behind a NAT firewall
New Features
[SOAP-807] - Update to OpenSSL 1.0.1j
Version 3.0.3 - 10APR2014
Problems Corrected
[SOAP-719] - Deserialization/serialization errors are not reported properly in SOAP faults.
[SOAP-746] - Server fails PCI scan with CVE-2011-3389 (BEAST) vulnerability.
[SOAP-748] - Control Panel throws javascript errors in IE 8.
[SOAP-750] - Control Panel File System Lock setting does not work.
[SOAP-751] - Control Panel SOAP/AM Client documentation link is incorrect in release 3.0.1.
[SOAP-752] - Request URI is not parsed correctly when it contains leading double forward slashes.
[SOAP-762] - Server may abend when accessing obsolete 2.x documentation stored in the VFS.
New Features
[SOAP-753] - Update TNS/E version to OpenSSL 1.0.1g.
[SOAP-759] - Update TNS/R version to OpenSSL 0.9.8y.
[SOAP-761] - Add certificate and keystore export/import to VFSMGR.
Version 3.0.1 - 19DEC2013
Problems Corrected
[SOAP-709] - SOAPAM process opens stdfiles, which prevents the backup process from starting.
[SOAP-713] - The third party license link in the Control Panel footer is incorrect.
[SOAP-734] - Clicking apply on folder properties / connection tab return HTTP 400
New Features
[SOAP-714] - Support associative array serialization in JSON responses.
Version 3.0.0 - 31MAY2013
Problems Corrected
None
New Features
[SOAP-385] - Add support for Pathway large messages.
[SOAP-451] - Allow element default values to be set from type element "value" attribute.
[SOAP-452] - Make requestMsg/replyMsg element generated by Wizard optional.
[SOAP-511] - Allow diagnostic logging to be disabled at the server level.
[SOAP-516] - Enhance xml display for wizard SDF display and soap sample
[SOAP-522] - Improve diagnostic log configuration page
[SOAP-560] - Add certificate chain to SOAPAMCP message dump.
[SOAP-579] - Provide support in SOAPAM for 2048 bit keys and certificate chains.
[SOAP-609] - Move documentation from VFS to web based content delivery system.
[SOAP-681] - Control Panel facelift.
[SOAP-689] - Add support for DDL2 dictionaries.