orchestrator
2020.10
false
  • Release notes
    • 2020.10.1
    • 2020.10.2
    • 2020.10.3
    • 2020.10.4
    • 2020.10.5
    • 2020.10.6
    • 2020.10.7
    • 2020.10.8
    • 2020.10.9
    • 2020.10.10
    • 2020.10.11
    • 2020.10.12
    • 2020.10.14
    • 2020.10.15
    • 2020.10.16
    • 2020.10.17
    • 2020.10.18
    • 2020.10.19
    • 2020.10.20
    • 2020.10.21
OUT OF SUPPORT
Orchestrator Release Notes
Automation CloudAutomation Cloud Public SectorAutomation SuiteStandalone
Last updated Dec 12, 2023

2020.10.18

Release date: 12 December 2022

Bug Fixes

Security Vulnerability Fixes

  • We have fixed an issue that caused the password used for connecting to a storage bucket provider to be stored in the database. This occurred when you created or edited a storage bucket. The password could be retrieved by an SQL administrator with read access to the database, or by anyone with View permission on Audit via API.
  • We have fixed an issue that caused credential store passwords to be stored in the database. The passwords could be retrieved by an SQL administrator with read access to the database, or by anyone with View permission on Audit via API.
  • We have fixed an issue that caused license codes to be visible in the response returned by calls that retrieved all audit data.
  • We have fixed an issue that caused external feed passwords to be stored in the database. This occurred when you created an external feed for maintaining automation packages.

Use this script to clean up any passwords displayed in the existing logs. The script can be run before upgrading to this version.

DECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0 AND
                NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
            -- Some records are truncated, so not valid JSON
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
ENDIF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
                
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
            [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
            CHARINDEX(''licenseKey'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
ENDDECLARE @serverVersion INT
SET @serverVersion = ISNULL(CAST(COALESCE(SERVERPROPERTY('ProductMajorVersion'),PARSENAME(CAST(SERVERPROPERTY('productversion') AS varchar(20)), 4)) as INT),0)
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.Buckets' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.bucketDto.Password'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0 AND
                NULLIF(JSON_VALUE([Parameters], ''$.bucketDto.Password''), '''') IS NOT NULL'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[Buckets] WHERE [StorageProvider] IN (''Amazon'',''Azure'',''Minio'',''S3Compatible'')) AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.BucketsController'' AND
                CHARINDEX(''Password'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.Buckets','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.CredentialStores' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.credentialStoreDto.AdditionalConfiguration'', NULL)
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                NULLIF(JSON_VALUE([Parameters], ''$.credentialStoreDto.AdditionalConfiguration''), '''') IS NOT NULL
            -- Some records are truncated, so not valid JSON
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        -- Remove all parameters if json functions are not supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE 
                [TenantId] IN (SELECT DISTINCT TenantId FROM [dbo].[CredentialStores] WHERE [Type] <> ''Database'') AND
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.CredentialStoresController'' AND
                CHARINDEX(''AdditionalConfiguration'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
         VALUES (null,null,'Migration.AuditCleanup.CredentialStores','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedApiKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.ApiKey'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.ApiKey'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''ApiKey'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedApiKey','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.PackageFeedBasicPassword' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = JSON_MODIFY([CustomData], ''$.BasicPassword'', NULL)
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0 AND 
                JSON_VALUE([CustomData], ''$.BasicPassword'') IS NOT NULL'
    ELSE
        -- Remove just the password if json functions are supported
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogEntities] 
            SET [CustomData] = ''''
            WHERE
                [EntityId] IS NULL AND
                [EntityName] = ''UiPackageFeed'' AND 
                CHARINDEX(''BasicPassword'', [CustomData]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.PackageFeedBasicPassword','true',GETUTCDATE())
END
​
IF NOT EXISTS (SELECT 1 from [dbo].[Settings] WHERE [Name] = 'Migration.AuditCleanup.LicenseKey' AND [TenantId] IS NULL)
BEGIN
    IF @serverVersion >= 13 -- SQL Server 2016
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = JSON_MODIFY([Parameters], ''$.licenseKey'', NULL)
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 1 AND
                JSON_VALUE([Parameters], ''$.licenseKey'') IS NOT NULL
                
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
                [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
                CHARINDEX(''licenseKey'', [Parameters]) > 0 AND
                ISJSON([Parameters]) = 0'
    ELSE
        EXECUTE sp_executesql N'
            UPDATE [dbo].[AuditLogs]
            SET [Parameters] = ''''
            WHERE
            [ServiceName] = ''UiPath.Orchestrator.Web.Api.OData.Controllers.SettingsController'' AND 
            CHARINDEX(''licenseKey'', [Parameters]) > 0'
    INSERT INTO [dbo].[Settings] ([TenantId],[UserId],[Name],[Value],[CreationTime])
        VALUES (null,null,'Migration.AuditCleanup.LicenseKey','true',GETUTCDATE())
END

General Fix

  • We have fixed a temporary file leak that could lead to the Orchestrator server running out of free disk space.

Known Issues

The list of available users you can assign tasks to does not filter out the users that do not have the required permissions. Selecting such a user results in a task assignment failure.

Deprecation Timeline

We recommend that you regularly check the deprecation timeline for any updates regarding features that will be deprecated and removed.

  • Bug Fixes
  • Security Vulnerability Fixes
  • General Fix
  • Known Issues
  • Deprecation Timeline

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.