...

• TIP-31701 - Submission error "Could not generate PDF" shown for some submissions with large pdf snapshots.

v10.2.6 (r3be8a2d)

Cloud Release: June 10, 2022

...

• TIP-31700 - Submission error "Could not generate PDF" shown for some submissions with large pdf snapshots.

v10.2.5 (ra471fee)

...

• TIP-31680 - After v10.2.4 patch upgrade, submission error "Could not generate PDF" shown for some submissions with large pdf snapshots.

v10.2.4 (r4de71f9)

...

• TIP-31644 - Edit Tenant page: Azure fields are hidden/invalid so other changes to the page cannot be submitted.
• TIP-31642 - Submission CSV download has blank rows when table control is set as a searchable/export field and does not have a value.
• TIP-31629 - Rules: The form.user.uuid _data parameter resolves to null.
• TIP-31623 - OptionsURL inside a repeat does not resolve a control template in the url.
• TIP-31617 - Using the same form more than once in a flow can create duplicate control ids, and result in a Form Save Failed error when moving/deleting existing controls or the step.
• TIP-31613 - Task List: When Inbox is empty, View Task does not load on the Recent Tasks view, and clicking Saved Tasks does not clear the recent task lists.
• TIP-31607 - After v10.2 frevvo Operational Reports show "No Data Available".
• TIP-31565 - Adding/Trying Installable Templates gives an Application Error (new tenants and www.frevvo.com).
• TIP-31498 - Security: Upgraded to spring-security-oauth2 version v2.5.2 library to mitigate CVE-2022-22969: Denial-of-Service (DoS) in spring-security-oauth2.
• TIP-31417 - PDF Snapshot: After a Chrome update, clicking the Submit/Continue button displays "Please Wait" but does not submit form/workflow.

v10.2.3 (rbc601de)

...

• TIP-31581 - Date Controls do not flag invalid values.
• TIP-31578 - Application error throw when editing a Project if it contains one or more corrupt forms.
• TIP-31540 - Values in from-schema decimal controls are treated as strings when the Display As property is Text.
• TIP-31537 - Operational Reports display "No Data Available" in the data table.
• TIP-31534 - The magnifying glass icon under DATA SOURCES (form/workflow designer) is not highlighting from-schema controls.
• TIP-31504 - Link to documentation in "Workflow Step Settings" goes to 'page not found'.
• TIP-31503 - Unsaved changes warning is incorrectly shown when navigating from read-only workflow view to any other page.
• TIP-31500 - Security: Do not allow upload of project/form/workflow .zip file if the file contains any entry that changes the base directory.

v10.2.2 (rcc5932b)

...

• TIP-31545 - A palette control in a workflow does not respect the pattern property.
• TIP-31541 - (Workflows) Values in selection controls using dynamic options become invalid in later steps if options are not re-populated.
• TIP-31538 - Checkbox with multiple values selected appears empty/invalid after Save or in later steps.
• TIP-31536 - Deployment state is not retained when uploading/replacing a form/flow.
• TIP-31519 - Submission XML version declaration is not compatible with .net services.

• TIP-31539 - Cached allowed values in from schema controls cause them to be flagged as invalid.

v10.2.1 (r32a0e98)

...

• TIP-31518 - After v10.2 Upgrade no submissions are shown for forms/workflows with multiple content types.
• TIP-31517 - Export Fields incorrectly appear in Task List Search "Fields" dropdown; selecting one causes a Task Update Failed Error.
• TIP-31512 - Unable to delete non-designer users from the users.csv upload.
• TIP-31511 - All Projects fail to load if there is any corrupt project in the user's account.
• TIP-31505 - .NET API: Users' request incorrectly blocked to forms/workflows.

v10.2.0 (rcbbe1fc)

...

• TIP-31075 - SOLR upgraded to address Log4j Critical RCE Vulnerability. Additional vulnerabilities resolved by upgrade to Apache Solr v8.7.0:
  • TIP-30812 - Checks that prevent dangerous features in a ConfigSet may be circumvented in Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2.
  • TIP-30812 - The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104.
  • TIP-29065 - CWE-331: Insufficient Entropy
  • TIP-28832 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') 
• TIP-30427 - AWS ECR: Docker Image Vulnerability Scan - CVE-2019-14889 A flaw found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8 was resolved by upgrading OpenJDK docker image to 11.0.13-bullseye.
• TIP-29376 - CVE-2021-24122 Apache Tomcat Information Disclosure "When serving resources from a network location using the NTFS file system it was possible to bypass security constraints and/or view the
  source code for JSPs in some configurations." resolved by upgrade to tomcat version 9.0.40.
• TIP-28955 - CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) mitigated using contextual escaping on all untrusted data before using it to construct any portion of an HTTP response.
• TIP-28759 - Issue where a malicious link with CSRF attack can delete frevvo resources is resolved.

End of Life Policy

...