Readme for Cloud Pak for Business Automation 21.0.3 IF018

Fix Readme

Abstract

The following document is for IBM Cloud Pak for Business Automation 21.0.3 IF018. It includes the CASE package download, installation information, and the list of APARs/Known Issues that are resolved in this interim fix.

Content

Readme file for:	IBM Cloud Pak® for Business Automation

Product Release:	21.0.3
Update Name:	21.0.3 IF018
Fix ID:	21.0.3-WS-CP4BA-IF018
Publication Date:	23 February 2023

Prerequisites and supersedes
Components impacted
Before upgrading
Installing the interim fix
Performing the necessary tasks after installation
Uninstalling
List of fixes
Known Limitations
Document change history

Prerequisites and supersedes

Supersedes all prior interim fixes for Cloud Pak for Business Automation 21.0.3.

Components impacted

General
Cloud Pak for Business Automation Operator
Automation Document Processing
Automation Decision Services
Business Automation Application
Business Automation Insights
Business Automation Navigator
Business Automation Studio
Business Automation Workflow including Automation Workstream Services
Enterprise Records
FileNet Content Manager
Operational Decision Management
User Management Service
Workflow Process Service

Before upgrading

Ensure you take regular backups of any databases associated with the environment.
Ensure your operators are in a healthy state, before upgrading.
If one or more operators are failing, then it can prevent the system from completing an upgrade.
It is recommended to check a few of the important CR statuses to ensure there are not failures and the statuses appear ready for the various installed components. Check the status of the following CRs when they exist:
```
oc get icp4acluster -o yaml
oc get AutomationUIConfig -o yaml 
oc get Cartridge -o yaml 
oc get AutomationBase -o yaml 
oc get CartridgeRequirements -o yaml
```
Required when you are using Business Automation Insights
If Business Automation Insights is deployed, prune the Business Automation Insights deployment, and jobs, before you apply the updated custom resource YAML file.
```
$ oc delete Deployment,Job -l \
> 'app.kubernetes.io/name=ibm-business-automation-insights'
```
Tip: For Flink event processing to resume from its previous state, make sure that savepoints are created before the upgrade and specified in the updated CR. For more information see Restarting from a checkpoint or savepoint

Installing the interim fix

Important: If you used any individual image tag settings in your CP4BA CR, it could prevent the operator from updating the images to the appropriate version. Ensure you remove any of these settings for a production installation when you upgrade.

Breaking change(s):

Starting with 21.0.3-IF012 interim fix, the URLs for Content Management Interoperability Services (CMIS) have changed (i.e., "cmis" context root was introduced):
- The previous CPD route for CMIS has changed
  - from: https://cpd-<cp4ba-namespace>.xxxx.xxxx.xxxx/openfncmis_wlp
  - to: https://cpd-<cp4ba-namespace>.xxxx.xxxx.xxxx/cmis/openfncmis_wlp
- The previous Openshift route for CMIS has changed
  - from: https://cmis-<cp4ba-namespace>.xxxx.xxxx.xxxx/openfncmis_wlp
  - to: https://cmis-<cp4ba-namespace>.xxxx.xxxx.xxxx/cmis/openfncmis_wlp

The CASE package associated with this interim fix is ibm-cp-automation-3.2.18.tgz. Download the CASE package to wherever you are planning to perform the online installation or upgrade of this interim fix (for example, the infrastructure node of your OCP cluster) and extract the CASE package into a directory. For offline/Airgap installation or upgrade follow below mentioned Scenario 5.

Cloud Pak for Business Automation 21.0.3 interim fixes are released to the v21.3 operator channel. Once the operator is upgraded, it triggers rolling updates for all the pods it manages to ensure they are updated to the appropriate version to match the operator.

If your environment has access to IBM entitled registry and has an automatic v21.3 channel subscription then production installations are upgraded automatically. This upgrade generally occurs when the interim fix is released or when images are mirrored for air gap setup.

Starting with 21.0.3-IF007 interim fix, we "pin" the version of Cloud Pak for Business Automation along with all its dependencies including IBM Automation Foundation and IBM Cloud Pak Foundational Services. In other words, the automatic updates will be turned off and you will need to perform the steps listed to upgrade your environments in the future.

This interim fix contains the following version of Cloud Pak for Business Automation, Automation Foundation, and Cloud Pak Foundational Services:

Cloud Pak for Business Automation – 21.0.3-IF018
Automation Foundation – 1.3.13
Cloud Pak Foundational Services – 3.19.8

Note: If you have other Cloud Paks installed on the same OCP cluster, be sure to check the compatibility of the Automation Foundation and Cloud Pak Foundational Services versions, listed above, with other Cloud Paks.

Depending on the current setup and state of your existing environment, there are various upgrade actions that need to be taken. The following scenarios cover what actions might be needed for a particular setup.

Scenario 1: You are using a starter installation.

Actions: Starter environments do not support upgrades. Although you can use the interim fix content, install a new starter environment and use the CASE package from this interim fix.
Scenario 2: Your installation is version 21.0.2-IF012
Note: You can only upgrade to 21.0.3-IF00x from the latest 21.0.2-IF012
Actions: To upgrade your environment, follow the Upgrading automation containers instructions.
- When you perform the upgrade, you can substitute the CASE package from this interim fix for the 21.0.3 CASE package while you follow the instructions. For air gap, you can use the case save command in step 2 of scenario 6.
- Note: If you are using versions before 21.0.2, then you must incrementally upgrade and follow the instructions for each version between your source version and 21.0.3

Scenario 3: Your installation is version 21.0.3-IFxxx and you're using pinned catalog (note that pinned catalog was available with 21.0.3-IF007 or later)

Apply the catalog sources to pin to the specified versions for IBM Automation Foundation, IBM Foundational Services with Cloud Pak for Business Automation.
You can apply the catalog sources below from a command line by creating a YAML file (for example, cp4ba_catalog_sources.yaml) with the catalog sources below and performing "oc apply -f cp4ba_catalog_sources.yaml", or you can apply the catalog sources using the OCP console
Note, you can apply only one catalog source at a time using the OCP console.
Note: The DB2, IBM Business Team Service, and Postgres catalog sources are dependent components of Cloud Pak for Business Automation.

# CP4BA 21.0.3 IF018 catalog
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: ibm-cp4a-operator-catalog
  namespace: openshift-marketplace
spec:
  displayName: ibm-cp4a-operator
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-cp-automation-catalog@sha256:6baa534110ee1cca40cd2524d7e045dc120b3d8d6666b03dfa2fc9534469ed01
  updateStrategy:
    registryPoll:
      interval: 45m
---
# IBM Automation Foundation Base 1.3.13
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: ibm-cp-automation-foundation-catalog
  namespace: openshift-marketplace
spec:
  displayName: IBM Automation Foundation Operators
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-cp-automation-foundation-catalog@sha256:1753b1cabf6cdc6d295d8da096ce3f769b6487fdbef5802de63dccbfa7d9a43b
  updateStrategy:
    registryPoll:
      interval: 45m
---
# IBM Automation Foundation Core 1.3.13
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  name: ibm-automation-foundation-core-catalog
  namespace: openshift-marketplace
spec:
  displayName: IBM Automation Foundation Core Operators
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-automation-foundation-core-catalog@sha256:8bd0b52526de4a2adf6b299237f3d295a710e7d0ff538a319226c614ceae618b
  updateStrategy:
    registryPoll:
      interval: 45m
---
# IBM Cloud Foundational Services 3.19.8
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  annotations:
    bedrock_catalogsource_priority: '1'
  name: opencloud-operators
  namespace: openshift-marketplace
spec:
  displayName: IBMCS Operators
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-common-service-catalog@sha256:d716688e8305aef4911a006a1bf1f819325580b16151f760ddcbee7e69d5c605
  updateStrategy:
    registryPoll:
      interval: 45m
  priority: 100
---
# IBM DB2 Operator Catalog 4.0.9
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  annotations:
    bedrock_catalogsource_priority: '1'
  name: ibm-db2uoperator-catalog
  namespace: openshift-marketplace
spec:
  sourceType: grpc
  image: icr.io/cpopen/ibm-db2uoperator-catalog@sha256:99f725098b801474ff77e880ca235023452116e4b005e49de613496a1917f719
  displayName: IBM Db2U Catalog
  publisher: IBM
  updateStrategy:
    registryPoll:
      interval: 45m
---
# IBM Business Teams Service version 3.20.0
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  annotations:
    bedrock_catalogsource_priority: '1'
  name: bts-operator
  namespace: openshift-marketplace
spec:
  displayName: BTS Operator
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-bts-operator-catalog@sha256:6fb709566a67d1a4b29d2764c91caee742768607f69f1a286d8cbe9a9effb09c
  updateStrategy:
    registryPoll:
      interval: 45m
---
# Cloud Native PostgresSQL 4.10.0
apiVersion: operators.coreos.com/v1alpha1
kind: CatalogSource
metadata:
  annotations:
    bedrock_catalogsource_priority: '1'
  name: cloud-native-postgresql-catalog
  namespace: openshift-marketplace
spec:
  displayName: Cloud Native Postgresql Catalog
  publisher: IBM
  sourceType: grpc
  image: icr.io/cpopen/ibm-cpd-cloud-native-postgresql-operator-catalog@sha256:e76fd2279cc2ffec3921655aa0ee4354f62603362d10f019dae8820f24a21bd1
  updateStrategy:
    registryPoll:
      interval: 45m
  priority: 100

Actions: Apply the updated catalog sources below (Note: you are not require to execute the "update_subscription.sh" script to change the subscription).
Scenario 4: If you are not using "pinned" catalog and your installation is version 21.0.3-IFxxxx (where xxxx is the latest iFix of 21.0.3). Your 21.0.3 installation has the latest iFix because you are using the IBM Operator Catalog and the CP4BA Operator will automatically upgrades to the latest iFix when it is available.
Actions: Apply the updated catalog sources above in scenario #3. Then execute the "update_subscription.sh" script to change the subscriptions.
1. Update the existing subscriptions of Cloud Pak for Business Automation, Automation Foundation, and Cloud Pak Foundational Services to change from IBM Operator Catalog to the individual catalogs applied above.
  1. Find the update_subscription.sh script from the extracted CASE package under "../ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs/cert-kubernetes/scripts" Note, at the root of the CASE package is a nested archive that needs to be extracted as well.
  2. Log in to your OCP cluster as a cluster administrator
  3. Execute the update_subscription.sh -n <your cp4ba namespace>
    Note, at this point, the environment will be updated to use the new "pinned" catalogs. Your environment will no longer auto-update the operators when new versions are released.
2. If you have any subscriptions set to manual, then you need to approve any pending operator updates.
  If some of the many operator updates are not approved, it is not recommended to set subscriptions to manual, this makes the upgrade more error prone . By default all subscriptions are set to automatic.
Scenario 5: If you are not using "pinned" catalog and your installation is version 21.0.3-IFxxxx (where xxxx is the latest iFix of 21.0.3). Your 21.0.3 installation has the latest iFix or this iFix because you are using the IBM Operator Catalog. Now you want to upgrade the installation to 22.0.1 and want to switch to use "pinned" catalogs.
Actions: Apply the updated catalog sources above in scenario #3 for 21.0.3. Then execute the "update_subscription.sh" script to change the subscriptions to use "pinned" catalogs.
1. Update the existing subscriptions of Cloud Pak for Business Automation, Automation Foundation, and Cloud Pak Foundational Services to change from IBM Operator Catalog to the individual catalogs applied above in scenario #3 for 21.0.3 .
  1. Find the update_subscription.sh script from the extracted CASE package under "../ibm-cp-automation/inventory/cp4aOperatorSdk/files/deploy/crs/cert-kubernetes/scripts" Note, at the root of the CASE package is a nested archive that needs to be extracted as well.
  2. Log in to your OCP cluster as a cluster administrator
  3. Execute the update_subscription.sh -n <your cp4ba namespace>
    Note, at this point, the environment will be updated to use the new "pinned" catalogs. Your environment will no longer auto-update the operators when new versions are released. This update process might take some time to restart all the operators.
2. If you have any subscriptions set to manual, then you need to approve any pending operator updates.
  If some of the many operator updates are not approved, it is not recommended to set subscriptions to manual, this makes the upgrade more error prone . By default all subscriptions are set to automatic.
3. Once the subscriptions are updated and operators restarted follow the steps from Upgrading operators that are pinned.
Scenario 6: Your installation is air gap and 21.0.3.x
Actions:

After the operators are upgraded, it will trigger the upgrade of the related deployments and pods. See the items mentioned in "Performing the necessary tasks after installation" for more actions that can be needed after the upgrade is completed.
1. Set up the environment variables for CASE.
  
  export CASE_NAME=ibm-cp-automation
  
  export OFFLINEDIR=/opt/cp4ba2103-if018
  
  export CASE_VERSION=3.2.18
  
  export CASE_INVENTORY_SETUP=cp4aOperatorSetup
  
  export CASE_ARCHIVE=${CASE_NAME}-${CASE_VERSION}.tgz
  
  export CASE_LOCAL_PATH=${OFFLINEDIR}/${CASE_ARCHIVE}
  
  Note: The values are specific to the interim fix, however, you can choose a different empty directory for the OFFLINEDIR if you need to put the files somewhere else.
2. Save this specific set of case packages
```
cloudctl case save --case docker://icr.io/cpopen/ibm-cp-automation-case-cache@sha256:0699b260325b647f50376577692f52f90abfaca1e457f0809492b155a1b16b7c --outputdir ${OFFLINEDIR}
```
  Once the command completes, all the Case archive and inventory are saved under /opt/cp4ba2103-if018.
3. Mirror the entitled registry images to the local registry by completing the same steps used during installation. For more information about mirroring, see Mirroring images to the private registry.
  Make sure to use the CASE image OFFLINEDIR (/opt/cp4ba2103-if018) from step 1.
4. Update the catalog with the new version by running the install-catalog action.
```
cloudctl case launch \
--case ${OFFLINEDIR}/${CASE_ARCHIVE} \
--inventory ${CASE_INVENTORY_SETUP} \
--action install-catalog \
--namespace ${NAMESPACE} \
--args "--registry ${LOCAL_REGISTRY} --inputDir ${OFFLINEDIR} --recursive" 
```
5. If you have any subscriptions set to manual, then you need to approve any pending operator updates.
  
  If some of the many operator updates are not approved, it is not recommended to set subscriptions to manual as it can make the upgrade more error prone. By default all subscriptions would be set to automatic.

Performing the necessary tasks after installation

Update Kafka certificates when you are using Business Automation Insights
If you are using Business Automation Insights and upgrading from an IBM Automation Foundation version before 1.3, the operator will fail to become ready after the upgrade, and kafka/zookeeper pods show SSL errors. To resolve the issue, follow the "To renew the leaf certificates for Kafka" instructions in Changes to CA certificate and key does not automatically rotate Kafka leaf certificates.
Review the installation
It is recommended that you review the CR yaml status section and operator logs after the upgrade to ensure there are no failures preventing your pods from upgrading.
```
oc get icp4acluster -o yaml > CP4BAconfig.yaml
oc logs deployment/ibm-cp4a-operator -c operator > operator.log
```
If you are interested in verifying the expected image digest for a particular image, then you can review the ibm-cp-automation\inventory\cp4aOperatorSdk\resources.yaml file in the CASE package. This file has a listing of the images managed by the CP4BA operator and their expected digest for this particular interim fix level.
Required when you are using Workflow Process Service OCP deployment
If you used any individual image tag settings in your WfPSRuntime CR, it could prevent the operator from updating the images to the appropriate version. Ensure you remove any of these settings when you upgrade.
Required when you are using Workflow Process Service Docker Compose Edition
1. Follow the step 2 of section "3. Running your environment" in Installing Workflow Process Service to log in to the entitled registry with your entitlement key.
2. Back up your database backup, docker-compose.yml and folder for docker volumes “production_workflow_runtime_data” and “production_workflow_runtime_logs”.
3. (Optional) Push the images to your docker registry. Log in to your docker registry, and push the docker images into your docker registry by using the following commands:
```
docker login <server>
docker tag cp.icr.io/cp/cp4a/workflow-ps/workflow-ps-server:<tag> \
 <server>/workflow-ps-server:<tag>
docker tag cp.icr.io/cp/cp4a/workflow-ps/workflow-ps-authoring:<tag> \
 <server>/workflow-ps-authoring:<tag>
docker push <server>/workflow-ps-server:<tag>
docker push <server>/workflow-ps-authoring:<tag>
```
  Where <server> is the host of the docker image registry that you want to use to pull the images. For example, myregistry.local:5000 or localhost:8080 for a self-hosted registry. Also, replace <tag> with the corresponding tag matching this interim fix's tag in the form of <release>-IFxxx, for example, 21.0.3-IF018.
4. Run docker-compose down command to stop the Workflow Process Server container.
5. Update the image url's tags in docker-compose.yml.
```
<server>/workflow-ps-server:<tag>
<server>/workflow-ps-authoring:<tag>
```
  Where <tag> is the corresponding tag matching this interim fix's tag in the form of <release>-IFxxx, for example, 21.0.3-IF018.
6. Run docker-compose up command to start the Workflow Process Server container
For more detail on Workflow Process Service, refer to Installing Workflow Process Service .

Troubleshooting: If you are using a Docker Desktop version 4.3.0 or greater, you might get an out of memory error when you start the server. For more details and possible resolution to this issue, and other troubleshooting guidance, refer to Troubleshooting Workflow Process Service on Podman or Troubleshooting Workflow Process Service on Docker.
Required when you are using Operational Decision Manager
You must update your Rule Designer:
- Open Eclipse
- Open menu Help > Check for Updates
- Select IBM Operational Decision Manager for Developers v8.11.x - Rule Designer
- Proceed with installation.

Uninstalling

There is no procedure to uninstall the interim fix.

List of Fixes

APARs/Known Issues fixed by this interim fix are listed in the following tables.

The columns are defined as follows:

Column title	Column description
APAR/Known Issue	The defect number
Title	A short description of the defect
Sec.	A mark indicates a defect related to security
Cont.	A mark indicates a defect specific to the Cloud Pak integration of the component
B.I.	A mark indicates the fix has a business impact. Details are found in the title column or the APAR/Known Issue document

General
Cloud Pak for Business Automation Operator
Automation Document Processing
Automation Decision Services
Business Automation Application
Business Automation Insights
Business Automation Navigator
Business Automation Studio
Business Automation Workflow including Automation Workstream Services
Enterprise Records
FileNet Content Manager
Operational Decision Management
User Management Service
Workflow Process Service

General

Known Issue	Title	Sec.	Cont.	B.I.
N/A	Cloud Pak for Business Automation delivers container images that include operating system level and other open source libraries. Vulnerabilities (CVEs) for these libraries are published regularly. This interim fix includes fixes for these libraries to address: CVE-2022-34175, GHSA-3mq5-fq9h-gj7j, CVE-2022-29187, CVE-2022-39253, CVE-2022-39260, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-40303, CVE-2022-40304, CVE-2022-43680, CVE-2022-40151, CVE-2022-41966, CVE-2022-31690, CVE-2022-31692, CVE-2022-34172, CVE-2022-34173, CVE-2022-2047, CVE-2022-45047, CVE-2017-1000487, CVE-2022-2048, CVE-2022-32190, CVE-2023-22809, CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-41854, CVE-2023-21835, CVE-2023-21843, CVE-2022-40149, CVE-2022-40150, CVE-2022-45685, CVE-2022-45693, CVE-2018-1296, CVE-2018-8029, CVE-2021-42550, CVE-2019-10086, CVE-2017-7669, CVE-2015-7501, CVE-2021-37533, CVE-2022-42889, CVE-2022-45198, CVE-2022-45199, CVE-2021-3828, CVE-2022-44617, CVE-2022-46285, CVE-2022-4883, CVE-2023-21830, CVE-2019-14491, CVE-2019-14492, CVE-2019-14493, CVE-2019-15939, CVE-2019-16249, CVE-2019-19624, CVE-2019-5063, CVE-2019-5064, CVE-2019-9423, CVE-2016-3086, CVE-2016-5001, CVE-2016-5393, CVE-2016-6811, CVE-2017-15713, CVE-2017-3161, CVE-2017-3162, CVE-2020-9492, CVE-2022-25168, CVE-2021-23437, CVE-2022-22815, CVE-2022-22816, CVE-2022-22817, CVE-2022-24303, GHSA-4fx9-vc88-q2xc, PRISMA-2021-0134, CVE-2019-20444, CVE-2019-20445, CVE-2021-21290, CVE-2019-16869, CVE-2015-1776, CVE-2021-37404, CVE-2022-26612, CVE-2014-3577, CVE-2015-5262, CVE-2021-3842, CVE-2021-43854, CVE-2021-21295, CVE-2021-21409, CVE-2015-6420, CVE-2022-24761, CVE-2020-11612, CVE-2021-34141, CVE-2021-33036, CVE-2014-0114, CVE-2021-22569, CVE-2022-2056, CVE-2022-2057, CVE-2022-2058, CVE-2022-2519, CVE-2022-2520, CVE-2022-2521, CVE-2022-2867, CVE-2022-2868, CVE-2022-2869, CVE-2022-2953, CVE-2021-3121, RHSA-2023:0096, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, RHSA-2023:0103, RHSA-2023:0116, RHSA-2023:0173, CVE-2022-40304, CVE-2022-40303, CVE-2022-35737, RHSA-2023:0100, CVE-2022-3821, RHSA-2023:0284, CVE-2022-25857, CVE-2022-38749, CVE-2022-38751, CVE-2022-38752, CVE-2022-41854, CVE-2022-38750, CVE-2022-2964, CVE-2022-4139, CVE-2022-22817, CVE-2022-24303, CVE-2021-23437, CVE-2022-45198, CVE-2022-45199, CVE-2022-22815, CVE-2022-22816, CVE-2021-42550, CVE-2021-22569, CVE-2014-0114, CVE-2019-10086, CVE-2015-7501, CVE-2017-15708, CVE-2015-4852, CVE-2015-6420, CVE-2021-37533, CVE-2020-11612, CVE-2019-20444, CVE-2019-20445, CVE-2019-16869, CVE-2020-7238, CVE-2021-21290, CVE-2021-21295, CVE-2021-21409, CVE-2021-3828, CVE-2021-3842, CVE-2021-43854, CVE-2021-34141, CVE-2019-5063, CVE-2019-5064, CVE-2019-14491, CVE-2019-9423, CVE-2019-14492, CVE-2019-14493, CVE-2019-19624, CVE-2019-15939, CVE-2019-16249, CVE-2022-42889, CVE-2017-3162, CVE-2017-3161, CVE-2016-3086, CVE-2021-37404, CVE-2022-25168, CVE-2022-26612, CVE-2020-9492, CVE-2016-5393, CVE-2016-6811, CVE-2017-7669, CVE-2017-15713, CVE-2015-1776, CVE-2016-5001, CVE-2018-11768, CVE-2021-33036, CVE-2014-3577, CVE-2022-40149, CVE-2022-40150, CVE-2022-45685, CVE-2022-45693, CVE-2011-4461, CVE-2022-24761, CVE-2020-28975 Previous interim fixes have included fixes which are also addressed with this interim fix. Consult the Related links section for readmes of previous interim fixes, at the bottom of this document.

Cloud Pak for Business Automation Operator

Known Issue	Title	Sec.	Cont.	B.I.
JR65221	Unable to access custom case widget after deployment in CP4BA

Automation Document Processing

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

Automation Decision Services

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

Business Automation Application

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

Business Automation Insights

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

Business Automation Navigator

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

Business Automation Studio

Known Issue	Title	Sec.	Cont.	B.I.
DT188025	A typo in one of the Swagger API for artmgt/docs#/Cp4BA%20Migration in IBM Cloud Pak for Business Automation
DT189645	TOOLKIT UPGRADE RESULTS IN NOCLASSDEFFOUNDERROR DURING THE UPDATE OF TEAMS

Business Automation Workflow including Automation Workstream Services

Known Issue	Title	Sec.
DT180564	SECURITY APAR CVE-2023-22860 - STORED XSS IN PROCESS ADMIN CONSOLE	X
DT188641	SECURITY - CVE-2023-24957 - Stored XSS vulnerability when performing a document upload using Responsive Document Explorer	X
DT143005	UPDATE EMBEDDED CONTENT MANAGEMENT INTEROPERABILITY SERVICES TO A VERSION THAT USES A NEWER VERSION OF SPRING FRAMEWORK
DT145536	ERROR CWTBG0535E OCCURS WHEN A SERVICE IS CALLED FROM A CLIENT SIDE HUMAN SERVICE WITH DATA CONTAINING THE MAP DATA TYPE
DT168702	A JAVA.LANG.NULLPOINTEREXCEPTION OCCURS WHEN CALLING A SERVICE FLOW FROM A CLIENT SIDE HUMAN SERVICE
DT179174	WHEN CALLING BTS TEAM SERVICE, BUSINESS AUTOMATION WORKFLOW CACHES ACCESS TOKEN WITH WRONG EXPIRATION TIME
DT188690	MULTIPLE VULNERABILITIES IN JACKSON-DATABIND AND SNAKEYAML MIGHT AFFECT IBM BUSINESS AUTOMATION WORKFLOW
DT189645	TOOLKIT UPGRADE RESULTS IN NOCLASSDEFFOUNDERROR DURING THE UPDATE OF TEAMS
DT195977	ACTIVITY PROCESS FAILS TO START WITH CLASSLOADER EXCEPTIONS
DT198694	AFTER YOU UPGRADE TO IF017, YOU ARE UNABLE TO USE CASE CLIENT AND A CLASSNOTFOUNDEXCEPTION: COM.IBM.BPM.SERVLET.FILTERS.GENERICSECURITYSERVLETFILTERUNABLE ERROR IS LOGGED

Enterprise Records

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

FileNet Content Manager

Known Issue	Title	Sec.	Cont.	B.I.
	See FileNet Content Manager Release Fix List APARs for IBM Cloud Pak for Business Automation technote

Operational Decision Management

Known Issue	Title	Sec.	Cont.	B.I.
DT179799	CROSS SITE SCRIPTING (XSS) VULNERABILITY IN USER PROFILE
DT187737	CANNOT RENAME SHARED BRANCH OF A MIGRATED CLASSIC RULE PROJECT
DT188782	CANNOT DELETE BRANCH

User Management Service

Known Issue	Title	Sec.	Cont.	B.I.
N/A	N/A

Workflow Process Service

Known Issue	Title	Sec.
DT180564	SECURITY APAR CVE-2023-22860 - STORED XSS IN PROCESS ADMIN CONSOLE	X
DT179174	WHEN CALLING BTS TEAM SERVICE, BUSINESS AUTOMATION WORKFLOW CACHES ACCESS TOKEN WITH WRONG EXPIRATION TIME
DT188690	MULTIPLE VULNERABILITIES IN JACKSON-DATABIND AND SNAKEYAML MIGHT AFFECT IBM BUSINESS AUTOMATION WORKFLOW
DT189645	TOOLKIT UPGRADE RESULTS IN NOCLASSDEFFOUNDERROR DURING THE UPDATE OF TEAMS

Known Limitations

Known issues in IBM Cloud Pak foundational services

Document change history

23 February 2023: Initial publish.

Related Information

[Supersedes 21.0.3-IF017] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF016] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF015] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF014] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF0013] Readme for Cloud Pak for Business Automation 21.0.3 …

[Supersedes 21.0.3-IF012] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF011] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF010] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF009] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF008] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF007] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF006] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF005] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF004] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF003] Readme for Cloud Pak for Business Automation 21.0.3 I…

[Supersedes 21.0.3-IF002] Readme for Cloud Pak for Business Automation 21.0.3 I…

Cloud Pak for Business Automation Fix list

Cloud Pak for Business Automation Interim fix download

[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBYVB","label":"IBM Cloud Pak for Business Automation"},"ARM Category":[{"code":"a8m0z0000001gWWAAY","label":"Other-\u003ECloudPak4Automation Platform"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Was this topic helpful?

Document Information

More support for:
IBM Cloud Pak for Business Automation

Component:
Other->CloudPak4Automation Platform

Software version:
All Versions

Document number:
6891911

Modified date:
21 November 2024

UID

ibm16891911

IBM Support

Tips