Orchestrator
2021.10
false
  • Release notes
    • 2021.10
    • 2021.10.1
    • 2021.10.2
    • 2021.10.4
    • 2021.10.6
    • 2021.10.8
    • 2021.10.9
    • 2021.10.10
    • 2021.10.11
    • 2021.10.12
    • 2021.10.14
    • 2021.10.15
Orchestrator Release Notes
Last updated 2024年4月19日

2021.10.9

Release date: 12 December 2022

Added 12 January 2023: Minimum Elasticsearch and Kibana version changed

Starting with this release, the minimum version required for Elasticsearch and Kibana is 7.16.3.

Additionally, Elasticsearch 7.16.3 must be installed via .zip package, as Windows MSI installer packages of this product are no longer released after 7.16.2.

Known issue: Elasticsearch versions earlier that 7.16.3 prevent logging and return an UnsupportedProductException. This issue will be fixed in the upcoming cumulative update, enabling you to also use earlier Elasticsearch versions.

Bug Fixes

Security Vulnerability Fixes

  • We have fixed an issue that caused the password used for connecting to a storage bucket provider to be stored in the database. This occurred when you created or edited a storage bucket. The password could be retrieved by an SQL administrator with read access to the database, or by anyone with View permission on Audit via API.
  • We have fixed an issue that caused credential store passwords to be stored in the database. The passwords could be retrieved by an SQL administrator with read access to the database, or by anyone with View permission on Audit via API.
  • We have fixed an issue that caused license codes to be visible in the response returned by calls that retrieved all audit data.
  • We have fixed an issue that caused external feed passwords to be stored in the database. This occurred when you created an external feed for maintaining automation packages.

Use this script to clean up any passwords displayed in the existing logs. The script can be run before upgrading to this version.

DECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0 AND
                NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
            -- Some records are truncated, so not valid JSON
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
                
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
            [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
            CHARINDEX(''licenseKey'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
ENDDECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0 AND
                NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
            -- Some records are truncated, so not valid JSON
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
                
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
            [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
            CHARINDEX(''licenseKey'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
END

Miscellaneous Fixes

  • We have improved the security of our system by restricting unnecessary internal information from being exposed in certain error responses.
  • Storage bucket files were incorrectly deleted due to an issue related to folder deletion. Specifically, when you unlinked a storage bucket from a folder, then you deleted that folder, the files included in the unlinked storage bucket were also deleted. The same occurred when you deleted the folder without first unlinking the storage bucket. This happened despite the storage bucket still being linked to other folders.

Deprecation Timeline

We recommend that you regularly check the deprecation timeline for any updates regarding features that will be deprecated and removed.

  • Bug Fixes
  • Security Vulnerability Fixes
  • Miscellaneous Fixes
  • Deprecation Timeline

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.