Current Release: v7.1.3
Release Highlights
The 7.1 release of the Cequence Unified API Protection (UAP) platform has several new features. This release is generally available as of June 11, 2024.
Upgrade impacts
Configuration for the App Tags feature has changed to support wildcards. When you configure an App Tag, you can specify wildcards for the domain field, the path field, or both. App Tags can containmultiple host/path values with wildcards. You can specify a wildcard multiple times within a host or a path value, as in the example *.domain.co.* or /v1/*/orders/*. Note that specified strings in these fields match supersets, so that domain.com matches sub.domain.com and sub.domain.com.tld. To specify a strict match for only the specified string, use ^domain.com$.
Resolved Issues
Release 7.1.3
SECTEST-1061 The cloud update test catalog function fails in an airgapped environment, preventing app from starting
Release 7.1.2
CEQASP-3823 Users configured in SSO/SAML show up in the UI as local accounts
CEQASP-4815 UBS PoV: Add Source Info
Release 7.1.1
CEQASP-4994 [Bot Analyzer] Hide NWIQ MMDB processing logic behind flag
Release 7.1
CEQASP-3699 Regression - Static Rule Configuration for custom rules
CEQASP-3770 Versions changes in the third-party-charts-and-versions.txt file.
CEQASP-3781 Return the instances widget in Traffic-Analyzer and Resource metrics
CEQASP-3795 Publish the arm64 versions of the Strimzi/Kafka and Elasticsearch images
CEQASP-3813 Import Export should Support Data Export
CEQASP-3822 UI: User accounts should have a lockout policy to prevent brute force attacks
CEQASP-3831 Helm chart can't read ES template due to a malformatted condition
CEQASP-3846 [Component-Configuration] Connectors not recreated when kafka is rebuilt
CEQASP-3853 Uninstall script: Need clean uninstall of prometheus stack
CEQASP-3859 Detection dashboard pivot should show empty charts if no key is selected on data grid
CEQASP-3927 invalid Kafka template yaml
CEQASP-3946 eck operator override file should not have an image tag
CEQASP-3947 Ability to support `.` special char in cookies for custom authentication
CEQASP-3951 Import Export fails on Missing index
CEQASP-3978 Resource Discovery is constantly crashing in regions environment
CEQASP-3979 Add codec size to the default chart values fro integration-executor
CEQASP-3984 Keycloak Init and Elasticsearch Init are build with root user
CEQASP-4015 API Sentinel: Dashboard View total endpoints not correctly linking back to inventory
CEQASP-4017 Seeing Multiple @RequestMapping annotations WARN on bff on latest master
CEQASP-4027 [Bot-Analyzer] Set isOldBrowser to false if Major Browser Version is not found
CEQASP-4104 Bot Analyzer - Concurrent Modification issue in parameterized url matching
CEQASP-4143 TA drops traffic
CEQASP-4183 Metrics deleted after a couple of days
CEQASP-4310 Merge Parents and Merge Children filters should be removed from UI
CEQASP-4311 REGRESSION : Component Config is going in crash loop in latest master ceqasp
CEQASP-4312 Risk Category disabled on fresh install
CEQASP-4313 API Sentinel: withTraffic: should be supported for backward compatibility in Dashboard and Inventory
CEQASP-4320 Traffic Metrics is throwing 500 in detection dashboard for 24 hours / 1 Week timeframe on latest master of ceqasp
CEQASP-4323 When API Spec is selected in inventory it does not show shadow end points
CEQASP-4324 The cancel button seems to be missing from the API spec gen modal
CEQASP-4326 REGRESSION : Component Config is throwing 500 error for fraud rules
CEQASP-4327 Resource Dictionary failing on master
CEQASP-4342 View Transactions - Hidden filter parameters and lack of usability within page.
CEQASP-4343 Selecting Published, Shadow, Discovered does not fetch result
CEQASP-4363 ARM images not present for 7x releases
CEQASP-4464 fix broken usernames modal on det dashboard
CEQASP-4482 resource dictionary migrator unable to migrate metrics after upgrade on master:Blocker
CEQASP-4545 Paths not shown in the API Definition details
CEQASP-4556 Traffic Analyzer is not evaluating spec conformance after inventory rearch
CEQASP-4704 API Sentinel: Custom auth not working properly after re-arch story
CEQASP-4709 Fix Failing test cases in Component Configuration
CEQASP-4715 resource metrics tests are failing
CEQASP-4716 Response body and request body is not shown - master
CEQASP-4717 component config - Does not delete auth type
CEQASP-4727 Bot Analyzer : No way to track individual rules execution times
CEQASP-4790 New Grafana dashboard shows wrong namespace name and also no data
CEQASP-4794 Upgrading Release Utils to match the jobs for Resource Dictionary
CEQASP-4797 API Sentinel: Dashboard links to Inventory for Inactive flows not giving correct information
CEQASP-4798 APi Sentinel: LastSeen Null is being detected for discovered and shadow APIs.
CEQASP-4799 API Sentinel: Alpha Inventory API Defintions page
CEQASP-4800 Never Active does not show on new inventory
CEQASP-4806 The custom auth logic should be fixed as a prereq for Springboot 3 upgrade
CEQASP-4837 Create Separate Policy for Resource-Metrics Indices
CEQASP-4843 Install script fails when trying to install with airflow enabled
CEQASP-4894 Expose number of partitions for cq.api-transactions topic in helm chart as a values override
CEQASP-4918 Fix the transaction lag metric created for CEQASP-4705
CEQASP-3717 [Helm Chart] Deprecate elastic curator
CEQASP-3955 Split API Spec and resource dictionary as a separate component in import export
CEQASP-4563 Update HPA API Version
SECTEST-525 'between' & 'notBetween' operators are not working as expected
On-Premises Deployments
Package | Version | Location |
Helm Chart | 7.1.3 | https://cequence.gitlab.io/helm-charts/ |
Scan Results:
Attached file.