Skip to main content
Version: 25.2.0

Java Agent Release Notes (25.2.0)

Overview

New Features / Improvements

  • PM-458 Agent compatibility with Java 21.
  • PM-561 New option com.waratek.log.cef.redaction.pii=true to remove Personally Identifiable Information in security events.
  • PM-571 Agent compatability with application servers using Jakarta Servlet 5.0 specification.
  • W4J-1059 Encrypted agent credentials in instance.waratek.properties.

New Features / Improvements Which Break Backward Compatibility

  • none

Feature Removals

  • none

Bug Fixes

  • W4J-1405 BuiltInProfiler reports wrong class names.
  • W4J-1366 Bug fix for determining 'thead' HTML tag as safe for default XSS Armr rule protection.

Known Issues

  • W4J-64 In some cases the agent may not detect when a ARMR filesystem rule is duplicated
  • W4J-66 In some cases the agent may not detect when an ARMR filesystem rule is unreachable
  • W4J-252 Additional file read CEF events are generated for certain paths the first time an ARMR filesystem rule that contains the api() directive triggers
  • W4J-331 Under certain workloads running the Dacapo “h2” benchmark, an extra performance overhead may be incurred with rules in place
  • W4J-370 Under certain workloads running the SPECjvm2008 “derby" and "serial" benchmarks, an extra performance overhead may be incurred with rules in place
  • W4J-371 Under certain workloads running the SPECjvm2008 "crypto.signverify" and "xml.transform" benchmarks, an extra performance overhead may be incurred
  • W4J-435 ARMR Socket input specifier not working on some Java6 JDK
  • W4J-989 ARMR Filesystem Pathtraversal is not detected on IBM J9 JDK if Application is utlizing Java NIO classes
  • W4J-1023 Apache Struts 2.5 test suite is failing due to usage of incomplete Servlet API library
  • W4J-1367 Payload extension of security event generated by XSS rule does not contan all of the payload characters in a specific case of a complex payload.
  • W4J-1431 ARMR HTTP CSRF rule is not working correctly on in JSP page on Tomcat 10, 11 and JBossEAP8
  • W4J-1432 ARMR HTTP XSS rule is not working correctly on JBoss EAP 8 and Wildfly 32
  • W4J-1454 RMI Client/Server connection fails with java.rmi.NoSuchObjectException on JRockit Java6 Windows
  • W4J-1473 SQLi protection does not work for a small number of attacks on at least one version of J9 Java 8
  • W4J-1475 Input attribute can not be used on ARMR Socket Connect rules on IBM J9 JDKs
  • W4J-1477 ARMR VCPU rule pack breaks DNS rules using input() specifier on Windows
  • REM-1855 IOException is unexpectedly thrown when the Deserial rule is absent in certain cases
  • REM-2422 When running JRockit 6 with Dynatrace, neither JBoss AS 7.1 nor JBoss EAP 6.x are supported
  • REM-2434 JBoss AS 7.1 and JBoss EAP 6.x running with IBM J9 are unsupported
  • REM-2445 Inconsistent warning messages logged when user inadvertently omits -Dcom.waratek.log.file property depending on whether log.mode is LOCAL or is BOTH
  • REM-2906 On some versions of IBM J9 JDK8, jdk-j9-8sr5fp10-linux-x64 being one such version, ARMR XSS is not detected in SpringBoot applications.
  • REM-3045 Protected XSS attack on JamWiki webapp causes JBoss v4.2 shutdown to hang
  • REM-3126 Warning "OpenJDK 11 IllegalAccessError after JVMTI retransform/redefine" while onboarding to the Portal
  • REM-3230 Under certain workloads running JRockit 6, an extra performance overhead may be incurred
  • REM-3235 Under certain workloads running Tomcat, an extra performance overhead may be incurred with the XSS rule

Third Party / Open Source Dependencies

  • ANTLR
  • Log4j (version1) Library
  • ASM Library
  • OpenJDK JDK Source
  • JASYPT