2022.4.5
Data de lançamento: 12 dezembro de 2022
Adicionado em 12 de janeiro de 2023: a versão mínima do Elasticsearch e do Kibana foi alterada
A partir desta versão, a versão mínima exigida para Elasticsearch e Kibana é 7.16.3.
Além disso, o Elasticsearch 7.16.3 deve ser instalado via .zip pacote, pois os pacotes do instalador Windows MSI deste produto não são mais lançados após 7.16.2.
UnsupportedProductException
. Esse problema será corrigido na próxima atualização cumulativa, permitindo que você também use versões anteriores do Elasticsearch.
jobs.created
para o caso de teste agora contém o ID do robô específico e a máquina usada para a execução do trabalho.
- Corrigimos um problema que fazia com que a senha usada para se conectar a um provedor de bucket de armazenamento fosse armazenada no banco de dados. Isso ocorria ao criar ou editar um bucket de armazenamento. A senha podia ser recuperada por um administrador de SQL com acesso de leitura ao banco de dados ou por qualquer pessoa com permissão para Visualizar a Auditoria pela API.
- Corrigimos um problema que fazia com que as senhas dos armazenamentos de credenciais fossem armazenadas no banco de dados. As senhas podiam ser recuperadas por um administrador de SQL com acesso de leitura ao banco de dados ou por qualquer pessoa com permissão para Visualizar a Auditoria pela API.
- Corrigimos um problema que fazia com que códigos de licenças ficassem visíveis na resposta retornada por chamadas que recuperavam todos os dados de auditoria.
- Corrigimos um problema que fazia com que senhas de feeds fossem armazenadas no banco de dados. Isso ocorria ao criar um feed externo para manutenção dos pacotes de automação.
Use esse script para limpar quaisquer senhas exibidas nos logs existentes. O script pode ser executado antes de atualizar para essa versão.
DECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0 AND
NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
-- Some records are truncated, so not valid JSON
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
END
DECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0 AND
NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
CHARINDEX(''Password'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
-- Some records are truncated, so not valid JSON
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
-- Remove all parameters if json functions are not supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''ApiKey'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND
JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
ELSE
-- Remove just the password if json functions are supported
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogEntities]
SET [CustomData] = ''''
WHERE
[EntityId] IS NULL AND
[EntityName] = ''UiPackageFeed'' AND
CHARINDEX(''BasicPassword'', [CustomData]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
IF @serverVersion >= 13 -- SQL Server 2016
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 1 AND
JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
ISJSON([Parameters]) = 0'
ELSE
EXECUTE sp_executesql N'
UPDATE [dbo].[AuditLogs]
SET [Parameters] = ''''
WHERE
[ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND
CHARINDEX(''licenseKey'', [Parameters]) > 0'
INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
END
Leia a orientação de segurança para o UiPath Orchestrator - Exposição de Informações Confidenciais.
- Melhoramos a segurança de nosso sistema restringindo a exposição de informações internas desnecessárias em determinadas respostas de erros.
- Os robôs não podiam recuperar suas senhas se seus segredos fossem armazenados em um armazenamento de credenciais do HashiCorp Vault configurado com o mecanismo de segredos do ActiveDirectory.
- Arquivos de buckets de armazenamento eram excluídos incorretamente devido a um problema relacionado à exclusão de pastas. Especificamente, ao desvincular um bucket de armazenamento de uma pasta e, em seguida, excluir essa pasta, os arquivos incluídos no bucket de armazenamento desvinculado também eram excluídos. O mesmo ocorria ao excluir a pasta sem primeiro desvincular o bucket de armazenamento. Isso acontecia apesar de o bucket de armazenamento ainda estar vinculado a outras pastas.
Recomendamos que você verifique regularmente o cronograma de obsolescência para ver se há atualizações relacionadas a funcionalidades que serão descontinuadas e removidas.