| V10031 |
| SAS Middle Tier 9.4_M3 |
| Issue(s) Addressed: | Introduced: |
| 56550 | SAS® Studio Mid-Tier enterprise edition times out after 12 hours even if a longer time-out interval has been set |
V10001 |
| 56560 | SAS® Content Server is vulnerable to an XML external entity exploitation (CVE-2015-1833) |
V10001 |
| 57137 | Unable to start SAS® Strategy Management Workflow after migrating SAS Strategy Management content to the SAS® 9.4_M3 release |
V10001 |
| 60440 | A session-hijacking vulnerability exists in SAS® web applications |
V10001 |
| 58675 | A "deadlock detected" error occurs in SAS® Workflow Services when you attempt to transition a business object from one workflow state to another |
V10001 |
| 58867 | TLSv1.2 is not supported by Java IOM clients |
V10001 |
| 59129 | SAS® Workflow Studio converts Hebrew characters to the Unicode NCR representation of the Hebrew text |
V10001 |
| 60437 | A cross-site scripting vulnerability exists in the Preferences web application for SAS® 9.3 TS1M0 and later |
V10001 |
| 60163 | "An error exists in the User Service configuration. All preferences will be ignored in this session." occurs when you log on to SAS® Enterprise Miner™ |
V10001 |
| 60351 | Internet HTTP requests for "tgt.keepal.ive" and "www.LazySecurityContext.com" originate from SAS® 9.4 Web Infrastructure Platform |
V10001 |
| 60265 | Arbitrary redirection from SAS® 9.4 Logon Manager results in a phishing vulnerability |
V10001 |
| 62666 | SAS® Content Server contains a cross-site request forgery (CSRF) vulnerability |
V10001 |
| 65345 | A deadlock occurs in SAS® Workflow Services when you attempt to transition a business object from one workflow state to another |
V10001 |
| 65077 | SAS® Enterprise Case Management does not report an error when you attempt to attach a file with a blocked file extension |
V10001 |
| 65078 | SAS® Enterprise Case Management does not respond properly when disallowed file uploads are blocked |
V10001 |
| 56414 | SAS® Web Report Studio list tables might display a user-defined format in the total row |
V10002 |
| 56960 | SAS® Deployment Wizard might fail when you import the Shared Services database during configuration of the SAS® Web Infrastructure Platform under UNIX |
V10002 |
| 57047 | Renaming a SAS® Visual Analytics report might fail with "403 (Forbidden) during MOVE" |
V10002 |
| 57149 | Renaming an object in SAS® Model Manager gives a "You do not have permission to rename ..." error |
V10002 |
| 57131 | SAS® Data Integration Studio jobs that contain an SQL subquery lose subquery metadata after you run the Analyze and Repair Tool |
V10003 |
| 57252 | Scheduling does not work with jobs that use a one-time password security context |
V10003 |
| 56910 | The SAS® Deployment Backup and Recovery tool takes longer than expected to complete the backup |
V10003 |
| 57097 | The Update Host Name References tool in SAS® Deployment Manager builds an invalid JDBC URL and an error message is generated |
V10004 |
| 57412 | SAS® Visual Analytics might not display selected email addresses |
V10004 |
| 57799 | The WebDAV repository connection attempt fails with HTTP connection-manager errors |
V10004 |
| 56172 | Disabling a cube in SAS® OLAP Cube Studio or SAS® Data Integration Studio might fail if you are using a load-balanced SAS® OLAP Server |
V10005 |
| 57714 | SAS® Web Report Studio reports that include prompts from a SAS® Stored Process might return "The responses you entered are invalid" |
V10005 |
| 58042 | When you import tables using SAS® Management Console, the physical names of the imported tables become corrupted |
V10005 |
| 58068 | A calculated item that includes the INTNX function fails validation in SAS® Customer Intelligence Studio |
V10005 |
| 58197 | When you click the Data Server tab in SAS® Management Console, an out-of-memory condition occurs and performance is affected |
V10005 |
| 58377 | Passwords are shown in plain text in the SAS® Decision Services logs and SAS® Federation Server logs |
V10006 |
| 58469 | When you import a SAS® Data Integration Studio job containing a Lookup transformation, "Error: Lookup has no target column mapping information" occurs |
V10006 |
| 58776 | A cross-site scripting vulnerability exists in the SAS® web applications |
V10007 |
| 52971 | Results are incorrect when you use the operator EXACTLY MATCHES in the custom details of SAS® Marketing Automation |
V10007 |
| 58846 | You receive the error "Scheduling of job-name failed..." when you schedule flows using SAS® Management Console |
V10008 |
| 58366 | SAS® Management Console stops responding when you access Active Server Properties for metadata server details or to send a test alert message |
V10009 |
| 58773 | Queries in SAS® Workflow Services fail for users that belong to more than 1,000 groups |
V10010 |
| 58774 | SAS® Web Infrastructure Platform Unable to log on as a user with membership in over a 1,000 groups |
V10010 |
| 59188 | Updating an expired internal account password fails with the message "The password for this user ID has expired. Create a new password" |
V10010 |
| 59403 | "Error reading metadata: Insufficient memory" occurs when you rename a library in SAS® Data Integration Studio or in SAS® Management Console |
V10011 |
| 59495 | SAS® 9.3 and SAS® 9.4 solutions might return an error message and stop working during the licensing warning period |
V10011 |
| 59569 | Some database management system library options are omitted from explicit SQL pass-through code in SAS® Data Integration Studio |
V10011 |
| 59700 | Flow contents are lost when more than one person edits the same flow concurrently in the SAS® Management Console Schedule Manager plug-in |
V10013 |
| 60073 | Scheduling many operating system scheduler jobs causes the operating system to use a large quantity of resources and affects performance |
V10013 |
| 59608 | SAS® Content Server recovery fails with the Deployment Backup and Recovery Tool and returns "COMMAND_TOOL_ERROR_SCS" |
V10013 |
| 57962 | The SAS® Data Integration Studio SCD Type 2 Loader transformation generates errors when loading data into an external DBMS |
V10014 |
| 58970 | You cannot disable the "Required" flag in the Custom Details Groups in SAS® Customer Intelligence Studio |
V10014 |
| 61015 | Redeploying a stored process returns the "Cannot redeploy because there is no job metadata associated to this stored process" message |
V10014 |
| 60595 | Connections between work tables and database libraries are incorrectly removed when these objects are included in metadata import processing |
V10014 |
| 60275 | SAS® Enterprise Guide® might perform slowly when opening an information map that has millions of rows |
V10015 |
| 61010 | Incorrect values are stored for the common data model when it is used in a SAS® Customer Intelligence Studio campaign |
V10016 |
| 60545 | Values for the date-and-time range are displayed incorrectly in SAS® Customer Intelligence Studio |
V10017 |
| 62425 | A cross-site scripting vulnerability exists in the SAS® BI Dashboard Adobe Flash component |
V10019 |
| 62324 | The SAS® 9.4 Deployment Backup and Recovery tool prints SAS® encoded password values in the backupserver.log file |
V10019 |
| 62727 | Date values in Custom Detail date fields shift by -2 days in SAS® Customer Intelligence Studio |
V10021 |
| 62987 | SAS® BI Web Services contains an XML External Entity (XXE) vulnerability |
V10021 |
| 63048 | An endless-loop condition occurs in SAS® Workflow Services when a workflow template contains a policy to copy a data object to itself |
V10021 |
| 63051 | A date prompt for a report incorrectly displays August instead of September when you use the Russian locale |
V10021 |
| 55537 | ALERT - A reflected cross-site scripting vulnerability has been identified in SAS® Logon Manager |
V10022 |
| 58589 | Increasing numbers of entries in the SAS® audit tables can affect Java Virtual Machine (JVM) performance |
V10022 |
| 62540 | SAS® Information Delivery Portal contains a session-fixation vulnerability |
V10022 |
| 63338 | Applications that use the comments service contain a security vulnerability with the use of comments |
V10022 |
| 63459 | SAS® 9.4 Logon Manager contains a version of JQuery that has reached end-of-life status |
V10022 |
| 60919 | SAS® Content Server backup fails when the SAS administrator password (sasadm@saspw) contains blank characters |
V10024 |
| 64181 | SAS® Visual Analytics fails to import data when running in Google Chrome 74 |
V10024 |
| 63264 | SAS® Customer Intelligence Studio contains a session-fixation vulnerability |
V10026 |
| 65746 | A metadata connection leak occurs when you save a SAS® Enterprise Guide® project on SAS® Content Server |
V10029 |
| 67057 | Multiple instances of the error "Unable to determine database vendor" are displayed in the catalina.out log during normal operation of the software |
V10030 |
| 58206 | In SAS® Data Integration Studio and SAS® Management Console, the German translation of the message confirming object deletion is incorrect |
V10031 |
| 57282 | MTOM attachments are truncated when Web Services Security (WS-Security) is enabled in SAS® BI Web Services for Java |
V10031 |
| 58336 | Using SAS® Real-Time Decision Manager 6.5 with the SAS® Federation Server 4.2 causes gradual decline of throughput and increased response time |
V10031 |
| 58337 | When you are using SAS® Real-Time Decision Manager, duplicate warning or diagnostic messages might occur in SAS® Federation Server 4.2 logs |
V10031 |
| 63828 | A clustered middle tier can become unresponsive upon start-up |
V10031 |
| 59458 | Errors occur when you try to load Meta Integration Model (MITI) bridges to the relationship database |
V10031 |
| 60719 | Out-of-disk-space issues occur when temporary files are not removed from the \\WebAppServer\\SASServer_#\\temp directory |
V10031 |
| 61880 | The SAS® 9.4 Logon Manager time-out page is vulnerable to injection of HTML code |
V10031 |
| 64673 | The SAS® metadata server runs out of system memory and stops responding |
V10031 |
| 67449 | A security vulnerability in IBM Platform Process Manager affects Platform Suite for SAS® |
V10031 |
| 58270 | Metadata support for SAS/ACCESS® Interface to Amazon Redshift |
V10031 |
NOTE: If you install this hot fix , you must also install
Y20010 for SAS Deployment Backup and Recovery Tool 9.41.
to fully implement the fix for the issue described in 56910.
If you install this hot fix , you must also install
B4P009 for SAS Add-in for Microsoft Office 7.15 and B4N009 for SAS Enterprise Guide 7.15.
to fully implement the fix for the issue described in 65746.
|
|
| D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment. |
General Information about Hot Fixes