What's new and changed in Data Privacy

Data Privacy updates can include new features, bug fixes, and security updates. Updates are listed in reverse chronological order so that the latest release is at the beginning of the topic.

You can see a list of the new features for the platform and all of the services at What's new in IBM Cloud Pak® for Data.

Installing or upgrading Data Privacy

Ready to install or upgrade Data Privacy?

Related documentation:

Cloud Pak for Data Version 4.8.7

A new version of Data Privacy was released in October 2024 with Cloud Pak for Data 4.8.7.

Operand version: 4.8.7

This release includes the following changes:

Security fixes

This release includes fixes for the following security issues:

CVE-2024-39338, CVE-2024-42459, CVE-2024-42460

Cloud Pak for Data Version 4.8.6

A new version of Data Privacy was released in August 2024 with Cloud Pak for Data 4.8.6.

Operand version: 4.8.6

This release includes the following changes:

Security fixes

This release includes fixes for the following security issues:

CVE-2024-1135, CVE-2024-21634, CVE-2024-22353, CVE-2024-24786, CVE-2024-24791, CVE-2024-2511, CVE-2024-29025, CVE-2024-29857, CVE-2024-30171, CVE-2024-30172, CVE-2024-3154, CVE-2024-34064, CVE-2024-34447, CVE-2024-35195, CVE-2024-36114, CVE-2024-3651, CVE-2024-3727, CVE-2024-3772, CVE-2024-37891, CVE-2024-39689, CVE-2024-4032, CVE-2024-4603, CVE-2024-4741, CVE-2024-5535, CVE-2024-5569, CVE-2024-6602

PRISMA-2023-0067

CVE-2023-3446, CVE-2023-36632, CVE-2023-3817, CVE-2023-38552, CVE-2023-39325, CVE-2023-3978, CVE-2023-39804, CVE-2023-45143, CVE-2023-45288, CVE-2023-5678, CVE-2023-6129, CVE-2023-6237

CVE-2021-23336, CVE-2021-27290, CVE-2021-3572, CVE-2021-3997, CVE-2021-41720, CVE-2021-43784

CVE-2020-12413

CVE-2005-2541

Cloud Pak for Data Version 4.8.5

A new version of Data Privacy was released in April 2024 with Cloud Pak for Data 4.8.5.

Operand version: 4.8.5

This release includes the following changes:

Security fixes

This release includes fixes for the following security issues:

CVE-2024-22243, CVE-2024-22257, CVE-2024-24557, CVE-2024-28757, CVE-2024-29041

CVE-2023-46218, CVE-2023-51074, CVE-2023-52425

Cloud Pak for Data Version 4.8.4

A new version of Data Privacy was released in March 2024 with Cloud Pak for Data 4.8.4.

Operand version: 4.8.4

This release includes the following changes:

Bug fixes

This release includes the following fix:

Resolution: This issue is now fixed.

Resolution: This issue is now fixed.

Security fixes

This release includes fixes for the following security issues:

CVE-2024-1597, CVE-2024-20918, CVE-2024-20952, CVE-2024-24762

CVE-2023-50782, CVE-2023-6135

Cloud Pak for Data Version 4.8.3

A new version of Data Privacy was released in February 2024 with Cloud Pak for Data 4.8.3.

Operand version: 4.8.3

This release includes the following changes:

Bug fixes

This release includes the following fix:

Resolution: This issue is now fixed.

Resolution: This issue is now fixed.

Security fixes

This release includes fixes for the following security issues:

CVE-2024-0232, CVE-2024-0553, CVE-2024-0567

CVE-2023-2975, CVE-2023-3446, CVE-2023-3817, CVE-2023-5363, CVE-2023-5678, CVE-2023-5981, CVE-2023-6129, CVE-2023-6237, CVE-2023-7104

CVE-2021-35937, CVE-2021-35938, CVE-2021-35939, CVE-2021-4209

CVE-2019-19244, CVE-2019-9936, CVE-2019-9937

Cloud Pak for Data Version 4.8.2

A new version of Data Privacy was released in January 2024 with Cloud Pak for Data 4.8.2.

Operand version: 4.8.2

This release includes the following changes:

New features

The 4.8.2 release of Data Privacy includes the following features and updates:

New option for rule action precedence
Rule action precedence enables you to specify how rules are applied when there are multiple rules with different actions on a data set. You can use the new Hierarchical enforcement option to configure a two-layer evaluation of data protection rules.
  • The first layer evaluates the rules for an Allow or Deny action without considering any masking actions. The decision from this first layer must be to allow access to move to the second layer.
  • The second layer evaluates the rules for a Transform action.

You can set this option from the user interface or from the access_decision_precedence API.

For more information, see Managing rule settings.

Enforce rules based on a tenant modality setting for aliases
You can now evaluate assets based on a tenant modality setting by calling the update tenant settings API and defining the asset_dealiasing_item_selection option. For more information, see Data protection rules enforcement.
Security fixes

This release includes fixes for the following security issues:

CVE-2023-22025, CVE-2023-26136, CVE-2023-35116, CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-44794, CVE-2023-45857, CVE-2023-46120, CVE-2023-5678, CVE-2023-5752

CVE-2022-45146

CVE-2021-32052,CVE-2021-41720,CVE-2021-44907

CVE-2020-28275

CVE-2019-20916

Cloud Pak for Data Version 4.8.1

A new version of Data Privacy was released in December 2023 with Cloud Pak for Data 4.8.1.

Operand version: 4.8.1

This release includes the following changes:

Security fixes

This release includes fixes for the following security issues:

CVE-2023-4586, CVE-2023-22025, CVE-2023-22081, CVE-2023-26136, CVE-2023-34055, CVE-2023-35116, CVE-2023-39325, CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366, CVE-2023-45857, CVE-2023-46120, CVE-2023-48631, CVE-2023-49083

CVE-2022-25883

CVE-2021-41720, CVE-2021-44907

CVE-2020-28275

GHSA-m425-mq94-257g, GHSA-xpw8-rcwv-8f8p

Cloud Pak for Data Version 4.8.0

A new version of Data Privacy was released in November 2023 with Cloud Pak for Data 4.8.0.

Operand version: 4.8.0

This release includes the following changes:

New features

The 4.8.0 release of Data Privacy includes the following features and updates:

Export and import data protection rules
You can now use the Cloud Pak for Data command-line interface (cpd-cli) to export and import data protection rules across multiple instances of Cloud Pak for Data. The links to glossary artifacts, catalogs, assets, and users are maintained when you export the data protection rules. For more information, see Migrating data protection rules.
Double-byte or Unicode data is masked to X characters when you define Obfuscate masking rules
When you mask data with Identifier masking method (a data masking option for obfuscating), all the special characters in Unicode (such as double-byte characters) that are non-English-language characters is masked to X except the alphanumeric character and some special characters, such as -./@#$ %^&*()\:;?_"

For more information, see Obfuscating data method.

Security fixes

This release includes fixes for the following security issues:

CVE-2023-2253, CVE-2023-3635, CVE-2023-4806, CVE-2023-4813, CVE-2023-4911, CVE-2023-5363, CVE-2023-27043, CVE-2023-28840,CVE-2023-36632, CVE-2023-39323, CVE-2023-39533, CVE-2023-40217, CVE-2023-43642, CVE-2023-44487, CVE-2023-45142, CVE-2023-45803, CVE-2023-45853

CVE-2022-29244, CVE-2022-41723

CVE-2017-11468

PRISMA-2022-0168, PRISMA-2022-0227

GHSA-74fp-r6jw-h4mp