10.17.0.540
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
10.17.0.533
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Core platform | This fix addresses a critical security issue that whilst has the ability to impact the integrity of Cumulocity IoT, is random in nature and is therefore not targetable. | MTM-59422 | 10.18.0.427 | cumulocity |
10.17.0.526
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Microservices | Cumulocity IoT allows to extend the platform API with customer-specific functionality by deploying microservices. Technically, microservices are Docker containers hosted by Cumulocity IoT and they follow specific conventions. When building the microservice container image with Docker version 25 it could happen that the microservice upload failed with the following error: config file does not .json extension. This issue is now fixed. | MTM-58938 | 10.17.0.521 | cumulocity |
10.17.0.515
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
10.17.0.503
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Core platform | Previously, the status for operations with a failureReason fragment could not be changed from FAILED, since the failureReason fragment was not allowed for other statuses. Now failureReason is automatically removed when moving an operation from the FAILED status. |
MTM-57995 | 10.17.0.488 | cumulocity |
| Microservices | Cumulocity IoT allows you to deploy microservices which may offer their own REST endpoints that can be used by Cumulocity IoT API client applications. In the cumulocity.json microservice manifest file you can optionally configure horizontal pod auto scaling using the "scale": "AUTO" configuration. When switching the value from "AUTO" to "NONE" the Kubernetes resource "horizontal pod auto scaler" was not removed again if the microservice was already subscribed at the time the new microservice version was uploaded. This problem is now fixed. |
MTM-56904 | 10.17.0.490 | cumulocity |
10.17.0.485
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Authentication | Fixed a random issue ("invalid TFA token due to user inactivity") when logging in using the user alias and TFA SMS with basic authentication. | MTM-56608 | 10.17.0.483 | cumulocity |
10.17.0.467
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
10.17.0.466
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Fixed an issue where the title "Cumulocity" was briefly displayed when viewing microservice details. | MTM-57314 | 10.17.0.464 | ui-c8y |
| Authentication | The appearance of the single-sign-on login button has been unified with the Cumulocity IoT application styles. | MTM-57675 | 10.17.0.458 | ui-c8y |
10.17.0.456
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Fixed an issue with missing translation in the confirmation popup which is displayed while unsubscribing a microservice. | MTM-57253 | 10.17.0.446 | ui-c8y |
| SMS microservice | Outgoing SMS requests to the Bics SMS provider contained an incorrectly formatted request body. The content-type was corrected to "application/json" as required by the Bics API to be able to correctly send SMS with this provider. | DM-3176 | 10.17.0.445 | cumulocity |
10.17.0.441
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Messaging Service | Fixed an issue where Notifications 2.0 subscriptions with a type filter could fail when updating or deleting an object with an empty type. This issue would cause an error to be returned to the client even though the update or delete request was successful. | MTM-56450 | 10.17.0.430 | cumulocity |
10.17.0.422
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Fixed an issue with changing the password for another user as a support user. | MTM-56652 | 10.17.0.420 | cumulocity |
| Messaging Service | To address the CVE-2023-39410 vulnerability, the 3rd-party library Avro has been updated to version 1.11.3. | MTM-56779 | 10.17.0.414 | cumulocity |
10.17.0.404
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
10.17.0.385
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Support user | When logging into the platform as support user, you were redirected to the Management tenant. This automatic redirection has been removed. Instead, the platform now sets a cookie for the domain of the logged-in tenant to preserve the original login context. | MTM-54617 | 10.17.0.378 | UI |
10.17.0.371
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | The password strength indicator gets updated correctly now, and the Save button is available when the password meets the strength conditions. | MTM-50179 | 10.17.0.369 | UI |
| SMS microservice | The sender name and address were missing when sending a request to the SMS gateway with the TFA code. This issue has been resolved. The sender name and address are now retrieved from the tenant option configuration. | MTM-56027 | 10.17.0.369 | Core |
10.17.0.364
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Microservices which have been created via API without providing a binary for it can again be subscribed without getting an error message. | MTM-56037 | 10.17.0.347 | UI |
| Administration | Resolved the issue that versioned applications might not be unpacked upon core startup, which resulted in an HTTP 404 error for some requests. | MTM-53724 | 10.17.0.347 | Core |
| REST API | Fixed the rare occurrence of an HTTP status 500 response from /tenant/statistics/allTenantsSummary, when one of the tenants was deleted during the request. |
MTM-53273 | 10.17.0.358 | Core |
10.17.0.346
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Blueprint applications shared from a parent tenant can now be updated properly. | MTM-55332 | 10.17.0.343 | UI |
10.17.0.338
Info
There have not been any significant improvements or fixes related to this component since the last Maintenance release.
10.17.0.333
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Authentication | When a user logs in using OAI-Secure and a password change is required, a PasswordResetToken is returned in the response header, enabling the password reset. |
MTM-55200 | 10.17.0.326 | Core |
| Authentication | Fixed an issue with incorrect loading of certificates to the trust store during core startup/restart, which caused errors in authenticating MQTT devices using certificates. | MTM-55328 | 10.17.0.303 | Core |
| Messaging Service | Users of Notifications 2.0 will no longer encounter unequal distribution of notifications from tenant-context subscriptions amongst a set of shared consumers. | MTM-54859 | 10.17.0.311 | Core |
| REST API | The data field has been removed from realtime API handshake responses where it was not required and always had a "null" value. |
MTM-55522 | 10.17.0.324 | Core |
| REST API | When removing an application that is used in single sign-on access mappings, the login configuration will be updated accordingly. | MTM-52943 | 10.17.0.317 | Core |
| REST API | The Measurement API now accepts leading zeroes provided for measurement values. | MTM-55156 | 10.17.0.305 | Core |
10.17.0.289
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Authentication | The default value for the MQTT SSL handshake timeout has been increased from 10 seconds to 50 seconds to increase the time for the handshake to be successful. The value of this property can be configured by a platform administrator. | MTM-54184 | 10.17.0.243 | Core |
10.17.0.268
Improvements
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| MongoDB | The MongoDB version has been upgraded to 5.0.18-1 in offline installation dependencies. | MTM-53200 | 10.17.0.225 | Core |
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Improved the performance of the user hierarchy management by reducing the number of server requests executed when expanding the sub-user list. | MTM-49969 | 10.17.0.263 | UI |
| Administration | The pagination check of the user list has been modified to prevent duplicate requests. | MTM-52287 | 10.17.0.255 | UI |
| Administration | In some cases log files of devices stored in the platform could not be downloaded from the Logs tab. This has been addressed by requesting with the correct user credentials. | DM-2471 | 10.17.0.250 | UI |
| Administration | Fixed an issue whith cloning some of the default global roles (for example, "devices"). | MTM-45858 | 10.17.0.238 | UI |
| Administration | Fixed an issue where the Clear button on the Usage statistics page failed to remove applied filters. | MTM-50302 | 10.17.0.232 | UI |
| Messaging Service | Fixed an issue where requests from the core platform into the Messaging Service could take a long time to complete, slowing down the response to HTTP requests and potentially preventing the platform from handling new incoming requests. For example, a request from the core platform to publish a message using Notifications 2.0 could block if the tenant had reached its quota for unconsumed notifications, only timing out after a long delay. This issue has been resolved by ensuring that Messaging Service requests that would have blocked now time out quickly. | MTM-53509 | 10.17.0.244 | Core |
| Notifications 2.0 | DELETE notifications for Notifications 2.0 subscriptions to specific managed objects - that is, subscriptions to the managedObjects API in the mo context - are now always sent. Previously, these notifications were not reliably sent in all cases. |
MTM-54097 | 10.17.0.253 | Core |
| REST API | Fixed the rare occurrence of an HTTP status 500 response from /tenant/statistics/allTenantsSummary, if one of the tenants was deleted during the request. |
MTM-53273 | 10.17.0.241 | Core |
10.17.0.216
Improvements
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Context help has been added in the Extensions page. | MTM-50209 | 10.17.0.141 | UI |
| Authentication | The OpenSSL command for generating a "signed verification code" for Proof of Possession has been enhanced to include additional encoding functionality. | MTM-52775 | 10.17.0.153 | UI |
| Authentication | In the Trusted certificates page, an issue with the border of the Certificate field has been fixed. | MTM-48649 | 10.16.45.0 | n/a |
| Core platform | The switch acl.measurement.only-accessible-fragments has been added to allow administrators to define inventory roles which let users retrieve a subset of the available fragments from all measurements. The property can be set globally or per tenant. If it is set, the measurement series is filtered according to the ACL (access control list) role owned by the user and assigned to the device group. Returned measurements only contain the available fragments listed in assigned ACL roles. |
MTM-49607 | 10.16.260.0 | n/a |
| Core platform | On creating a measurement, it is now validated for all processing modes if the source object exists, that is for PERSISTENT, QUIESCENT, TRANSIENT and CEP. Prior to this change, the existence of the measurement was only validated for persistence processing modes (PERSISTENT and QUIESCENT). | MTM-50498 | 10.16.248.0 | n/a |
| Core platform | To save network bandwidth and improve the time to download when the network connection is lost, Cumulocity IoT now supports chunked binary file downloads. To take advantage of this it is necessary to set the Range header. If set the binaries are split into chunks and if the network connection is lost the download is resumed rather than started from the beginning. See also the Cumulocity IoT OpenAPI Specification. | MTM-49998 | 10.16.248.0 | n/a |
| Core platform | Deleting measurements by the dateFrom and dateTo query parameters is now supported on tenants with enabled enhanced time series support. Parameters must be truncated to full hours (for example, 2022-08-19T14:00:00.000Z), otherwise an error will be returned.
|
MTM-49441 | 10.16.74.0 | n/a |
| Enterprise tenant | The placeholders in the configuration templates for Enterprise tenants were updated with new values. | MTM-49860 | 10.16.163.0 | n/a |
| Product experience | Users can now disable (or enable) all in-product information & communication options. Prior to this change, users could only opt-out from the Knowledge Hub (product experience tracking). | MTM-48214 | 10.16.79.0 | n/a |
| REST API | The performance of GET requests on the /user/users endpoint has been improved by better utilization of database indexes. |
MTM-52566 | 10.17.0.124 | Core |
| REST API | The performance of the Inventory API has been improved by removing two additional database queries for GET /managedObjects. |
MTM-51973 | 10.17.0.123 | Core |
| REST API | The REST API endpoint /application/applications/{id}/logs so far required the role ROLE_APPLICATION_MANAGEMENT_ADMIN. This has been changed. The endpoint now requires either the ROLE_APPLICATION_MANAGEMENT_ADMIN or ROLE_APPLICATION_MANAGEMENT_READ. |
MTM-52028 | 10.17.0.107 | Core |
| REST API | The performance of the Identity API GET /externalIds/{type}/{externalId} method has been improved. |
MTM-50837 | 10.17.0.52 | Core |
| Security | An attribute has been added to all external application links, that prevents tab nabbing (a security vulnerability that could be used to gain the user's browser session). | MTM-48156 | 10.16.249.0 | n/a |
Fixes
| Product area | Description | Issue | Build version | Build comp. |
|---|---|---|---|---|
| Administration | Issues with flashing the device availability connection status have been fixed. | MTM-51541 | 10.17.0.180 | None |
| Administration | Issues with the Ericsson DCP SMS provider when attempting to send an SMS have been resolved and outgoing requests are sent as expected to the Ericsson DCP API. | DM-2215 | 10.17.0.176 | Core |
| Administration | Applications are now automatically deployed right after being copied (no additional request is needed). Moreover, the first manifest update request after copying the application now works correctly. | MTM-51585 | 10.17.0.166 | Core |
| Administration | Fixed an issue where users which only have inventory roles could not add new groups. | MTM-52413 | 10.17.0.147 | UI |
| Administration | Fixed an issue with the names of the files downloaded from the platform (for example, from the file repository or from event attachments). UTF-8 characters, for example, in the Japanese localization are no longer missing if the file name includes special characters like "+". | MTM-53056 | 10.17.0.145 | UI |
| Administration | Redundant activity log entries in the application details are now filtered out. | MTM-52309 | 10.17.0.134 | UI |
| Administration | UTF-8 characters are now supported in names of files downloaded from the files repository with the export functionality. | MTM-46346 | 10.17.0.51 | Core |
| Administration | The performance of the Users page has been improved. Loading root users with a large number of sub-users (100+) now takes less than 1s, while previously, with a larger number of sub-users (around 500), it took around 30-60s. Moreover, the request to fetch all children of a root user is now up to 10 times faster, depending on the number of sub-users and the number of their global roles. | MTM-45523 | 10.16.156.0 | n/a |
| Administration | The phone number input validation has been improved. The validation status is shown after the input loses focus for the first time, the red border and the error message appear in sync, and the message now mentions all allowed characters, together with an example of a valid phone number value. | MTM-47002 | 10.16.79.0 | n/a |
| Administration | Providing a non-existing tenant ID when resetting the password will no longer cause a server error. | MTM-45633 | 10.16.13.0 | n/a |
| Authentication | Issues with refreshing the session tokens when the OAI-Secure login mode is configured with two-factor authentication have been fixed. | MTM-53559 | 10.17.0.176 | Core |
| Authentication | The verification code which is signed in the Proof of Possession process now supports end-of-line characters from various operating systems. | MTM-53296 | 10.17.0.172 | Core |
| Authentication | In the Trusted certificates page, refreshing and downloading the verification code for the Proof of Possession process now works properly if a new certificate was uploaded or the verification code was refreshed by the user. | MTM-52956 | 10.17.0.171 | UI |
| Authentication | Fixed an issue with the device request counter being increased while switching between the standard applications (Administration, Cockpit, Device management). | MTM-49427 | 10.17.0.120 | UI |
| Authentication | The performance of the first user requests sent after node restart has been improved. Prior to this change, there was an issue in rare cases where the number of all global roles in a tenant was close to but not exceeding 100, and many thousands of devices were concurrently trying to authorize MQTT connections on the restarted node. | MTM-52049 | 10.17.0.72 | Core |
| Authentication | On the Basic settings tab in the Authentication page, TFA (two-factor authentication) is now correctly shown as enabled if enforced by the platform. | MTM-49942 | 10.16.259.0 | n/a |
| Authentication | Issues with removing trusted or forbidden user agents in the Authentication page have been fixed. The delete icon now only deletes the agent it applies to. | MTM-48062 | 10.16.190.0 | n/a |
| Authentication | During the reset password process the tenant ID setup dialog was presented instead of the reset password dialog. Now the reset password dialog appears correctly if the reset link is used. | MTM-50205 | 10.16.181.0 | n/a |
| Authentication | The two-factor authentication verification dialog does no longer show two Cancel buttons. | MTM-49935 | 10.16.148.0 | n/a |
| Authentication | The default email templates sent when resetting passwords or confirming password changes have been extended with a username. | MTM-49760 | 10.16.129.0 | n/a |
| Authentication | An issue with the QR code in the two-factor authentication setup window has been fixed. | MTM-49536 | 10.16.129.0 | n/a |
| Authentication | In the Trusted certificates page, an issue with the border of the Certificate field has been fixed. | MTM-48649 | 10.16.45.0 | n/a |
| Core platform | Fixed an issue where deleting enhanced time series measurements did not work with the fragmentType query parameter. |
MTM-51379 | 10.17.0.92 | Core |
| Core platform | Fixed an issue in which some queries containing single apostrophes resulted in an incorrect query being sent. | MTM-49123 | 10.16.60.0 | n/a |
| Data broker | The data broker no longer passes on the c8y_ActiveAlarmsStatus fragment from devices in the source tenant to the destination tenant. This is an internal setting which cannot be updated by the user and which is not required on the destination tenant. The propagation of alarms to the destination tenant is not affected by this change. |
MTM-49670 | 10.16.103.0 | n/a |
| Enterprise tenant | Fixed a branding issue where the background color and the primary label were not using the brand color. | MTM-50807 | 10.17.0.38 | UI |
| Enterprise tenant | Due to a change introduced in release 10.14, when a certificate for an Enterprise tenant was uploaded with this version, it was persisted in a faulty way. Although it was possible to activate the certificate when using the new domain this certificate failed to be parsed and the platform certificate was returned as backup. This issue has been resolved. After activating the certificate, the new domain will now be served with the respective certificate. | DM-1658 | 10.16.101.0 | n/a |
| Inventory roles | Fixed an issue with inventory roles when a user had assigned different inventory roles for different groups in the same inventory hierarchy. Now, if a user has inventory access to a parent group for one API and inventory access to a child group for a different API, queries made by this user return properly filtered documents for both APIs. | MTM-45018 | 10.16.8.0 | n/a |
| MQTT | The error handling when publishing operations to MQTT devices has been improved. | MTM-53168 | 10.17.0.196 | Core |
| Notifications 2.0 | Fixed a regression where a simple type name was not accepted as a type filter when creating a Notifications 2.0 subscription. For backwards compatibility with older releases, if the type filter value cannot be parsed as an OData expression, it is now assumed to be a simple type name. | MTM-53848 | 10.17.0.216 | Core |
| Performance | The performance of widgets like the "Data point list", "Data point graph" and "Data point table" has been improved for users with inventory roles access. Moreover, the performance of the Measurements tab in the Device Management application and the Data explorer in the Cockpit application have been improved. | MTM-50693 | 10.17.0.48 | UI |
| REST API | Fixed an issue where POST and PUT requests without Content-Type header were rejected with a 415 HTTP error. The fix has been applied to the Identity, Inventory, Measurements, Alarms and Events APIs. | MTM-51886 | 10.17.0.74 | Core |
| REST API | The performance of the Alarm API has been improved for requests which use the resolved query parameter. |
MTM-49450 | 10.16.198.0 | n/a |
| REST API | Fixed an issue in the Application API with duplicating hosted applications. The application has now PUBLIC availability on the parent tenant and PRIVATE availability on the other tenants instead of preserving the availability from the source application. | MTM-48474 | 10.16.60.0 | n/a |