Original Release Name - pi.2021-11-25

Patched Release Name - pi.2021-11-25.1

Patched Release Name - pi.2021-11-25.2

Patched Release Name - pi.2021-11-25.4

Original Release Date - Dec 9, 2021

Patched Release Date - Dec 13, 2021

Patched Release Date - Dec 16, 2021

Patched Release Date - Dec 20, 2021

Download It Now

We are pleased to present our latest offering of pi - our November 2021 release! This page helps summarise and familiarise you with the changes we have made, and is supported (where applicable) with useful videos to help explain the changes we have delivered.

Dec 13, 2021 - in response to a Java security vulnerability around Log4J2, we have opted to patch our November dashboard release to mitigate against any risks. More information can be found HERE.

Dec 16, 2021 - because of the need for customers to upgrade to the latest version of the dashboard, to benefit from Log4J2 patches, it is imperative that the release notes and upgrade documentation is read and understood before attempting to upgrade, so you are aware of the changes made to the dashboard and any additional configuration that you may need to change to complete a successful upgrade. We always suggest attempting upgrades in non Production environments beforehand.

Multiple customers have recently attempted to upgrade through multiple versions, and have come across issues around environment variables, proxy and embedding settings - for more information on these areas, we recommend reviewing the Embedding Dashboard & Charts page first

Before upgrading, we recommend taking a backup. You can find more information here.

Here’s what we’ll cover;

1 Added
- 1.1 Role level variables and restrictions
- 1.2 New Magic Variables (Zendesk#16540)
2 Changed
3 Fixed
4 Keeping An Eye On pi

Added

Role level variables and restrictions

User Settings

Role level variables and role level restrictions have been added to the system. This means that the system now has a more flexible way to provide variables and restrictions to a user.

previously, if 10 users shared the same variable you would need to add that variable to each individual user
now, you can create a role with a variable and if this role is then assigned to 10 users, they would all have this variable
the same concept also applies to role restrictions

Please look at Role Level Variables for more information.

Video

We’ve created a short video to explain this in a bit more detail.

New Magic Variables (Zendesk#16540)

Variables

2 new magic variables have been added:

LANGUAGE_LOCALE - locale from language selection on the login screen (these selectable options are configured from dashboard installation on the server machine)
LOCALE - locale of a user's browser, which generally is used for date formatting (this reflects whatever locale a user set on their browser)

Changed

Response to Log4J2 vulnerability - updated Log4Shell versions

Security

Patched Release 2021-11-25.1 - updated Log4J2 library to version 2.15.0 in response to security vulnerability (CVE-2021-44228).

Patched Release 2021-11-25.2 - updated Log4J2 library to version 2.16.0 in response to security vulnerability (CVE-2021-45046)

Patched Release 2021-11-25.4 - updated Log4J2 library to version 2.17.0 in response to security vulnerability (CVE-2021-45105)

Adjusted file maintainance process during upgrade processing for Log4J

Security

There will only be 1 version of log4j in the dashboard installation files, showing the latest version

Files are located here:

C:\Program Files\Installation_location\Dashboard\tomcat\webapps\panLicenceManager\WEB-INF\lib
C:\Program Files\Installation_location\Dashboard\tomcat\webapps\panMISDashboardResources\WEB-INF\lib

Increase VALUE field in MIS_VARIABLES (Zendesk#17239)

Configuration

A ‘value’ field in the MIS_VARIABLES table has been changed from varchar(4000) to long text in order to accommodate longer text inputs.

Remove maxSize restrictions from user interactable domain object fields