What's new and changed in Common core services

Cloud Pak for Data Version 4.7.3

A new version of Common core services was released in September 2023 with Cloud Pak for Data 4.7.3.

Operand version: 7.3.0

This release includes the following changes:

New features

The 7.3.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.

Version 7.3.0 of the common core services includes the following features and updates:

Access lakehouse data with the new watsonx.data connection

You can now use the watsonx.data connection to access data from a lakehouse in IBM® Cloud or in IBM Cloud Pak for Data. watsonx.data is a governed data lakehouse that is optimized for data and AI workloads. For more information, see watsonx.data connection.

Access additional technical and lineage metadata

You can now use the new Oracle Data Integrator connector to import ETL jobs and their lineage metadata. For more information, see Oracle Data Integrator connection.

Customer-reported issues fixed in this release

DT222140: "Method not allowed" return after web session timeout for notebooks

Security fixes

CVE-2023-3899, CVE-2023-3817, CVE-2023-37460, CVE-2023-22044, CVE-2023-21968, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21938, CVE-2023-21937, CVE-2023-21930

Cloud Pak for Data Version 4.7.2

A new version of Common core services was released in August 2023 with Cloud Pak for Data 4.7.2.

Operand version: 7.2.0

This release includes the following changes:

New features

The 7.2.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.

Version 7.2.0 of the common core services includes the following features and updates:

Access more technical metadata with new connectors

New connectors are available for importing technical data from the following data sources:

• Microsoft SQL Server Integration Services
• Microsoft SQL Server Reporting Services
• Oracle Business Intelligence Enterprise Edition
• Qlik Sense

For more information, see Supported data sources for metadata import, metadata enrichment, and data quality rules.

Security fixes

This release includes fixes for the following security issues:

CVE-2023-3635, CVE-2023-34455, CVE-2023-34454, CVE-2023-34453, CVE-2023-2976, CVE-2023-29400, CVE-2023-28856, CVE-2023-28466, CVE-2023-25399, CVE-2023-24540, CVE-2023-24539, CVE-2023-24538, CVE-2023-24537, CVE-2023-24536, CVE-2023-24534, CVE-2023-24532

CVE-2022-41725, CVE-2022-41724, CVE-2022-24834

CVE-2020-8908

Cloud Pak for Data Version 4.7.1

A new version of Common core services was released in July 2023 with Cloud Pak for Data 4.7.1.

Operand version: 7.1.0

This release includes the following changes:

New features

The 7.1.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.

Version 7.1.0 of the common core services includes the following features and updates:

Key-pair authentication for Snowflake connections

You can now use key-pair authentication for Snowflake connections. Key-pair authentication is more secure than providing a username and password. For more information on using key-pair authentication, see Snowflake connection.

Bug fixes

This release includes the following fixes:

Creating a project takes over 30 seconds to complete

• Issue: Creating a project might take over 30 seconds to complete when the system is underload..
• Resolution: This issue is now fixed.

Security fixes

This release includes fixes for the following security issues:

CVE-2023-1255

Cloud Pak for Data Version 4.7.0

A new version of Common core services was released in June 2023 with Cloud Pak for Data 4.7.0.

Operand version: 7.0.0

This release includes the following changes:

New features

The 7.0.0 release of the common core services includes changes to support features and updates in Watson Studio and Watson Knowledge Catalog.

Version 7.0.0 of the common core services includes the following features and updates:

Authenticate to Google BigQuery with workload identity federation

You can now use workload identity federation to authenticate to Google BigQuery, rather than using your Google service account key. Workflow identity federation provides increased security and centralized management.

To use workload identity federation, you must have an identity provider (IdP) that supports one of the following specifications:

• AWS Signature Version 4
• OpenID Connect (OIDC)
• SAML 2.0

For more information, see Google BigQuery connection.

Access data from IBM Product Master

You can now create a connection to IBM Product Master. For more information, see IBM Product Master connection.

Name change for the IBM Cloud Compose for MySQL connection

The IBM Cloud Compose for MySQL connection was renamed to IBM Cloud® Databases for MySQL. Your previous settings for the connection remain the same. Only the connection name has changed.

Updates

The following updates were introduced in this release:

Uploading JDBC JAR files requires a new permission in an upgraded instance

In versions previous to 4.7.0, a user with the Admin role can upload JAR files with the default Administer platforms permission. Effective 4.7.0, two permissions are required:

• Administer platforms
• Manage configurations

For a new instance of 4.7.0, the Admin role includes both permissions, but if you upgraded from a version prior to 4.7.0, you need to create a new role for Manage configurations:

1. From the navigation menu, select Administration > Access control.
2. Click New role, and create a new role with the Manage configurations permission.
3. Go to the Users tab and select the Administrator ID, and then click Assign roles.
4. Assign the role to the Administrator ID.
5. Log out as the Administrator and log in again

Customer-reported issues fixed in this release

DT213182: Open new asset in a new tab

Bug fixes

This release includes the following fixes:

You cannot preview an Oracle connection dataset that contains objects as data types

• Issue: If the Oracle connection dataset contains objects as data types, you cannot preview the dataset and you receive the following error: An error occurred attempting to preview this asset.
• Resolution: You can preview the dataset while viewing objects as data types is unsupported.

You cannot open a Generic JDBC connection that uses personal credentials

• Issue: When you try to open a Generic JDBC connection that uses personal credentials, you receive an error and the connection doesn't open. This error occurs for all services that use the asset browser.
• Resolution: You can open the Generic JDBC connection in the asset browser and input personal credentials.

Security fixes

This release includes fixes for the following security issues:

CVE-2023-31125, CVE-2023-30535, CVE-2023-28370, CVE-2023-23931, CVE-2023-23920, CVE-2023-23918, CVE-2023-1370, CVE-2023-0361, CVE-2023-0286

CVE-2022-4904, CVE-2022-46175, CVE-2022-4492, CVE-2022-41940, CVE-2022-38900, CVE-2022-31129, CVE-2022-25881, CVE-2022-24999, CVE-2022-24785, CVE-2022-23709, CVE-2022-21704, CVE-2022-21476, CVE-2022-0235

CVE-2021-44906, CVE-2021-41134, CVE-2021-29469, CVE-2021-22144, CVE-2021-22134, CVE-2021-22132, CVE-2021-20264

CVE-2020-8244, CVE-2020-7021

CVE-2014-2428, CVE-2014-2427, CVE-2014-2423, CVE-2014-2422, CVE-2014-2421, CVE-2014-2420, CVE-2014-2414, CVE-2014-2413, CVE-2014-2412, CVE-2014-2410, CVE-2014-2409, CVE-2014-2403, CVE-2014-2402, CVE-2014-2401, CVE-2014-2398, CVE-2014-2397, CVE-2014-1876, CVE-2014-0464, CVE-2014-0463, CVE-2014-0461, CVE-2014-0460, CVE-2014-0459, CVE-2014-0458, CVE-2014-0457, CVE-2014-0456, CVE-2014-0455, CVE-2014-0454, CVE-2014-0453, CVE-2014-0452, CVE-2014-0451, CVE-2014-0449, CVE-2014-0448, CVE-2014-0446, CVE-2014-0432, CVE-2014-0429