IBM Support

Fix list for IBM Business Automation Workflow on Cloud - April 2025 Maintenance

Fix Readme


Abstract

The following document is a list of fixes, along with their descriptions, for the IBM Business Automation Workflow on Cloud April 2025 Maintenance. For older maintenance and other related documents, refer to the links in the Related Information section at the bottom of this document.

Content

The IBM Business Automation Workflow on Cloud service will be undergoing a regularly scheduled maintenance window for critical bug fixes and security updates.
 
This maintenance is being deployed by the Cloud Pak for Business Automation as a Service Site Reliability Engineering (SRE) team. The outage to the tenant production RUN environments will be intermittent and limited to 60 minutes or less during the first hour of the maintenance window.
 
WebSphere Application Server fixes for all Business Automation Workflow on Cloud tenants
WebSphere Application Server fixes for all Business Automation Workflow on Cloud tenants
Fix ID Fix Details Additional Pre-requisite Fixes
IBM WebSphere Application Server V8.5 Fix Pack 8.5.5.27 Fix list for IBM WebSphere Application Server V8.5 Fix Pack 8.5.5.27 N/A

Back to top

Business Automation Workflow fixes for v24.0.0.0 tenants
Business Automation Workflow fixes for v23.0.2.0 tenants
Fix ID Fix Details Additional Pre-requisite Fixes
DT418407 [DT418407] CVE-2024-31141 in kafka-clients reported for Case Emitters
DT409005 [DT409005] The Case Comments widget in Case Client throws an error when it loads a case comment made by a deactivated user - IBM Business Automation Workflow
DT423338 [DT423338] Clicking the WorkflowCenter link in Case Builder solutions page fails in IBM Business Automation Workflow with custom context root
DT424609 [DT424609] IBM Business Automation Workflow (BAW): Issue with Register Case Monitor Task Failing Due to NullPointerException
DT422946 [DT422946] Event Manager tasks are slow to execute and at times, never complete after upgrading to BAW 24 - IBM Business Automation Workflow
DT418201 [DT418201] Multiple CVEs might affect the IBM BPM Configuration Editor
DT418769 [DT418769] Failed process instances show up in Process Inspector with an error stating "failed to update the row, this is most likely a benign warning caused by two threads making the same update and can be ignored"
DT412485 [DT412485] When a user has access to a huge number of tasks, the search of process instances in Processes dashboard or through JS API can take very long.
DT423276 [DT423276] Unable to search Task in the Process Portal Work Dashboard
DT419006  [DT419006] CVE-2024-54179 Reflected Cross-Site Scripting (business calendar)
DT420507  [DT420507] Vulnerability in Jackson might affect IBM Business Automation Workflow (PSIRT-WS-2022-0468)
DT416868  [DT416868] CVE-2024-21538 in cross-spawn-5.1.0.tgz affects Process Admin Console

Back to top

Business Automation Workflow fixes for v23.0.2 tenants
ix ID Fix Details Additional Pre-requisite Fixes
DT421505 [DT421505] ANY type as input to service flow fails with CWLLG0370E due to 'TeamWorksException: Path element value is expected to be a simple type value but the value is an instance of TWObject' N/A
DT424549 [DT424549] Artifact data out of sync and all the changes reverted when saving localization resource in Process Designer - IBM Business Automation Workflow N/A
DT422768 [DT422768] In IBM Business Automation Workflow 24.0.0, you may see a com.fasterxml.jackson.core.exc.StreamConstraintsException when calling a REST API with a String variable greater than 20 million bytes - IBM Business Automation Workflow N/A
DT420586 [DT420586] Variable selection check box in the New Client-Side Human Service dialog not aligned with corresponding variable N/A
DT397283 [DT397283] The 'Select the first document in the list by default' feature in Case Information widget in the classic Case Details page fails to load the context menu options for the first document in Documents tab - IBM Business Automation Workflow N/A

Back to top

Business Automation Workflow fixes for v21.0.3.1 tenants
Business Automation Workflow fixes for v21.0.3.1 tenants
Fix ID Fix Details Additional Pre-requisite Fixes
DT409394 [DT409394] CVE-2024-52364 Reflected Cross site scripting in IBM Business Automation Workflow N/A
DT416513 

Security Bulletin: XML External Entity Injection vulnerability affect IBM Business Automation Workflow - CVE-2024-28168

 N/A
DT398089

Security Bulletin: Weak authorization IBM Business Automation Workflow - CVE-2024-49348

 N/A
DT417095 [DT417095] Security vulnerability in cross-spawn-5.1.0 affects Process Designer - IBM Cloud Pak for Business Automation DT201338, DT378453, DT396249
DT395401  [DT395401] SECURITY - CVE-2024-38808 IN SPRING EXPRESSIONS N/A
DT398149  [DT398149] Updating jjwt-api to 0.12.6 - IBM Cloud Pak for Business Automation N/A
DT420400  [DT420400] NullPointerException occurs when running a process with a user task in a loop and a timer boundary event attached on the task
DT398749  [DT398749] SECURITY APAR CVE-2024-47554 in Apache Commons IO - IBM Business Automation Workflow N/A

Back to top


Note: Clear browser cache before signing in following the maintenance window.

[{"Type":"MASTER","Line of Business":{"code":"LOB76","label":"Data Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSLRPC","label":"IBM Business Automation Workflow on Cloud"},"ARM Category":[{"code":"a8mKe000000GmaiIAC","label":"Maintenance"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
25 March 2025

UID

ibm17228960

Page Feedback