Orchestrator Release Notes
2022.10.5
Erratum: Added 16 January 2024
The SAML SSO Configuration page displayed an incorrect Assertion Customer Service URL. As a workaround, you had to manually configure the Assertion Customer Service URL in the IDP without the partition ID. The Assertion Customer Service URL is now correctly displayed, and the manual workaround is no longer necessary. Upon upgrading to 2022.10.5 or subsequent 2022.10 patches, you will need to change the Assertion Customer Service URL to include the partition ID (can be found in the SAML configuration page).
Release date: 13 June 2023
-
Due to a lack of synchronization, changes made to robot accounts and external applications at the organization level were not reflected in Orchestrator. Now, when you delete or rename an external application or when you delete a robot account at the organization level, the same thing happens to these entities in the Orchestrator folders where they were added.
-
Using the Upload JSON and override option at the transaction level, in the Edit queue item window, allowed you to bypass important validations related to unsupported characters. This would lead to errors when trying to use that particular queue. The issue no longer occurs.
Swagger UI
We have fixed an issue that affected Swagger UI versions 3.14.1 to 3.37.2, allowing their libraries to fetch potentially malicious specification files linked through Swagger UI. Note that the issue is not directly exploitable, and it requires an authenticated user to actually open the malicious link.
To overcome this, we strongly advise you to update to the latest possible version (major or cumulative update).
Please see the security advisory for details.
-
This version includes various accessibility fixes.
- When you uploaded a new custom logo, the preview functionality no longer worked. Now, you can preview the new logo in the header, just like before.
- When you exported a folder role, the tenant-level permissions of that role were also exported. This issue is now fixed.
- Executions were not properly assigned to available robots. This happened when a large number of robots were called for the same template, and assigned to the same job.
- Using the latest version of the BeyondTrust Server or upgrading to it would sometimes cause integration issues. Now, everything works as expected.
- Editing a postpone date for a queue item used the UTC value instead of the tenant time zone value.
- Retrieving queue item events and comments returned a list from all the folders in the tenant. Now, you get the list of queue item events and comments only for the folders that you have access to.
- Closing the Orchestrator maintenance mode through Swagger UI did not succeed due to an authentication error. This issue is now fixed.
- The Next Run Time column for time triggers sometimes displayed a past date, despite the trigger being enabled and its tooltip showing the correct future run time.
- The runtime used by a robot to run an automation was not released once the robot service stopped. This was caused by an inaccuracy in the succession of activities, which has been fixed. Now, when the robot is disconnected, its runtime is released into the tenant pool.
- The keyboard shortcut to close pop-up messages (
Delete + X
) did not work.
We recommend that you regularly check the deprecation timeline for any updates regarding features that will be deprecated and removed.