4.9.2 Server fixes

Owned by Anthony Turriciano
Aug 03, 2022
1 min read

Release date: TBD

NorthStar Order Entry Server and iOS Application: Current versions released with installation software

NorthStar Order Entry Server and iOS Application: Current versions released with installation software

1. New Features & Improvements

  • None

 

2. Fixes

Security Vulnerabilities

  • Disable access to external entities in XML parsing

  • Change code to not construct the patch from user-controlled data

  • Change insecure code to use a different secure path

  • Restrict types of objects allowed to be deserialized