Orchestrator
2020.10
False
  • Versionshinweise
    • 2020.10.1
    • 2020.10.2
    • 2020.10.3
    • 2020.10.4
    • 2020.10.5
    • 2020.10.6
    • 2020.10.7
    • 2020.10.8
    • 2020.10.9
    • 2020.10.10
    • 2020.10.11
    • 2020.10.12
    • 2020.10.14
    • 2020.10.15
    • 2020.10.16
    • 2020.10.17
    • 2020.10.18
    • 2020.10.19
    • 2020.10.20
    • 2020.10.21
Bannerhintergrundbild
Kein Support
Versionshinweise zum Orchestrator
Letzte Aktualisierung 12. Dez. 2023

2020.10.18

Release-Datum: 12. Dezember 2022

Fehlerkorrekturen (Bug Fixes)

Behebung von Sicherheitslücken

  • Wir haben ein Problem behoben, das dazu führte, dass das Kennwort für die Verbindung mit einem Speicher-Bucket-Anbieter in der Datenbank gespeichert wurde. Dies ist aufgetreten, als Sie einen Speicher-Bucket erstellt oder bearbeitet haben. Das Kennwort kann von einem SQL-Administrator mit Lesezugriff auf die Datenbank oder von jeder Person mit Anzeigeberechtigung für Audit über API abgerufen werden.
  • Wir haben ein Problem behoben, das dazu führte, dass Kennwörter für den Anmeldeinformationsspeicher in der Datenbank gespeichert wurden. Die Kennwörter können von einem SQL-Administrator mit Lesezugriff auf die Datenbank oder von jeder Person mit Anzeigeberechtigung für Audit über API abgerufen werden.
  • Wir haben ein Problem behoben, das dazu führte, dass Lizenzcodes in der Antwort sichtbar waren, die von Aufrufen zurückgegeben wurde, die alle Überwachungsdaten abgerufen haben.
  • Wir haben ein Problem behoben, das dazu führte, dass Kennwörter für externe Feeds in der Datenbank gespeichert wurden. Dies ist aufgetreten, als Sie einen externen Feed zum Verwalten von Automatisierungspaketen erstellt haben.

Verwenden Sie dieses Skript, um alle Kennwörter zu bereinigen, die in den vorhandenen Protokollen angezeigt werden. Das Skript kann vor dem Upgrade auf diese Version ausgeführt werden. 

DECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0 AND
                NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
            -- Some records are truncated, so not valid JSON
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
                
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
            [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
            CHARINDEX(''licenseKey'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
ENDDECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0 AND
                NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
            -- Some records are truncated, so not valid JSON
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
                
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
            [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
            CHARINDEX(''licenseKey'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
END

Lesen Sie die Sicherheitsempfehlungen für UiPath Orchestrator – Offenlegung vertraulicher Informationen.

Allgemeine Fehlerbehebung

  • Wir haben ein temporäres Dateileck behoben, das dazu führen konnte, dass der Orchestrator-Server keinen freien Speicherplatz mehr hat.

Bekannte Probleme (Known Issues)

Die Liste der verfügbaren Benutzer, denen Sie Aufgaben zuweisen können, filtert nicht die Benutzer heraus, die nicht über die erforderlichen Berechtigungen verfügen. Die Auswahl eines solchen Benutzers führt zu einem Fehler bei der Aufgabenzuweisung.

Zeitachse der Einstellung

Wir empfehlen Ihnen, die Zeitleiste der veralteten Elemente regelmäßig auf Aktualisierungen in Bezug auf Funktionen zu überprüfen, die veraltet und entfernt werden.

War diese Seite hilfreich?

Support und Services
Hilfe erhalten
UiPath Academy
RPA lernen – Automatisierungskurse
UiPath-Forum
UiPath Community-Forum
UiPath Logo weiß
Vertrauen und Sicherheit
Nutzungsbedingungen
Datenschutzerklärung
Cookie-Richtlinie
© 2005-2024 UiPath. All rights reserved.