R12.52 SP1 CR07
===========
The following issues were fixed in Web Agent:
| Salesforce Case Number | Internal Defect ID | Issue Description |
|---|
| 00692205 | DE280513 | Web agent crashes when the machines use IPV6 addresses. |
R12.52 SP1 CR06
===========
| Salesforce Case Number | Internal Defect ID | Issue Description |
|---|
0006287 00280305 | DE66914 DE130868 | Web Agent End URL is not redirecting using HTTPS but instead it was redirecting to HTTP. |
00138155 | DE85420 | Post preservation flow is not working and it is throwing HTTP 500 error for webserver when content compression is enabled for text/html type for Oracle iPlanet webserver. |
| 00150872 | DE104195 | login.sfcc goes into infinite redirect loop when resource is protected using X509 Cert or forms authentication scheme and the resource is accessed from the browser. |
00311456 | DE139919 | Before authentication, Policy Server trims trailing spaces or carriage returns whenever username contains these characters but SMUSER header contains username with carriage return characters. |
00345282 | DE157331 | In WebAgent Trace, ResponseTime is not logged in milliseconds. |
00356972 | DE159608 | Password change form is not being displayed for German locale. |
00353589 | DE162245 | Browser throws HTTP 502.3 error when trying to access the URL behind IIS+ARR and that URL contains non-standard ASCII characters. |
00449099 | DE186996 | APS libraries are missing in Solaris 64-bit Web Agent. |
| 00303302 | DE138108 | Service Provider fails with “java.lang.NullPointerException” while consuming an IDP generated assertion with the SP feature SingleAssertionUsage option is enabled. |
| 00216581 | DE143166 | Web Agent is not failing back to the first Policy Server and requests are not processed successfully when starting the first Policy Server. |
| 00424351 | DE172435 | CA Access Gateway is vulnerable to an XXE injection attack and able to retrieve confidential data and access sensitive files on the server, for example the "passwd" file. |
| 00511425 | DE232200 | Agent crashes the web server when you access FCC page for impersonation flow. |
R12.52 SP1 CR05
===========
| Salesforce Case Number | Internal Defect ID | Issue Description |
| 22000073-01 | DE65940 | The SAML 1.1 default target configuration is inconsistent in FSS UI and Administrative UI. |
| 00085491 | DE72409 | The WebAgent-OnAccept-Redirect response fails to work for POST requests when the ACO uses LegacyCookieProvider and CookieProvider. |
| 00146918 | DE74047 | The LLAWP Process shutdown delays if the default value of RequestTimeout value is changed in HCO. |
| 00176713 | DE75598 | Web Agent Option Pack fails to honor the SSOTrustedZone parameter. |
| 00075954 | DE78997 | When LegacyCookieProvider is set to YES, the PUT and HEAD methods are converted to GET after redirection to cookie provider. |
| 00061182 | DE82998 | The TargetAsRelativeURI ACO parameter fails to evaluate response URIs. |
| 00061182 | DE83176 | The TargetAsRelativeURI ACO parameter evaluates the OnAuthAccept response URI. |
| 00219262 | DE92856 | The Multivalued HTTP headers are not displayed for Apache webserver when PreserverHeaders is set to YES. |
| 00186932 | DE100675 | Web Agent displays the “Bad or missing context 'SESSION struct'” error for a valid condition. |
| 00250498 | DE103898 | The Forward proxy fails to work with Web Agent deployed on Apache 2.4.x, resulting in the 500 server error. |
| 00248797 | DE130894 | Web Agent throws the following error when the client makes a call with empty host header using the HTTP/1.1 protocol: “Unable to resolve server host name. Exiting with HTTP 500 server error '10-0004'. |
| 00220954 | DE137855 | AuthnRequest sent by HTTP POST binding does not contain the the Destination attribute. |
| 00220523 | DE138229 | The Web Agent configuration wizard fails to detect the Oracle HTTP Server instance when it is installed outside of ORACLE_HOME. |
| 00226217 | DE138412 | SAML2.0 Response signing throws an exception if no assertion is found in the SAML Response. |
| 21907654 | DE138955 | If a request includes an IP address that is unresolved, access to the application fails though the request through a proxy server to the same application is successful. |
| 00118306 | DE139891 | The password change reason is not passed to Change Password form during POST. |
| 00261138 | DE144425 | Federation web services fail to validate the URL passed in the wreply query parameter and may redirect the user to a phishing website. |
| 00037176 | DE156074 | The SAML 2.0 SLO with SOAP binding fails with the 500 server error if the SS_EXPIRYDATA5 file is changed. |
| 00349861 | DE158102 | The ISAPI filter for 64-bit web agent is missing in IIS Manager after the agent upgrade. |
| 00195376 | DE66836 | The functionality of Flush All overrides the rollover configuration defined in LoggerConfig.properties, and rolls the Web Agent Option Pack logs. |
| 00173114 | DE72556 | The time unit in SmPortal.cfg is incorrectly represented in milliseconds. |
| 00095363 | DE99753 | The Apache Web Agent causes high CPU usage. |
| 00190162 | DE100770 | The web agent configuration wizard fails to update the opmn.xml with Oracle HTTP Server 11g. |
| 00149984 | DE109460 | If CSSErrorFile is set to a local file path, Web Agent appends extra text strings to the error page. |
| 0009305 | DE109479 | Apache webserver fails to start and determine the path to the .properties file when web agent is enabled. |
R12.52 SP1 CR04
===========
Product: CA SiteMinder Web Agent 12.52 SP01 CR04
December 30, 2015 CA SiteMinder Web Agent 12.52 SP01 CR04 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
RTC 168683 / DE94552 CA SiteMinder agents do not support auto authorization.
RTC 161418 / DE86190 The installer displays a misleading error message when incorrect host registration credentials are provided.
RTC 155671 / DE78890 Web Agent reports the HTTP 500 Server error when the Cookie Provider is not defined.
RTC 153157 / DE104171 Web Agent displays the HTTP 500 Server error when a URL ending with .sac extension is accessed.
RTC 163694 / DE111843 HTTP Response of BadCSSCharsFound contains incorrect HTML data.
RTC 161317 / DE86714 Web agent crashes if the HTTP_OPENID_DISC cookie is not present in headers for the OpenID authentication provider.
RTC 141833 / DE79301 Duplicate ICU shared library files are present in the ICU third-party folder.
RTC 160850 / DE102716 The Impersonation flow fails when the FCC Compat mode is set to YES.
RTC 162925 / DE74697 The SMUSRMSG cookie appears even after successful authentication.
RTC 157785 / DE106171 The Windows Step-up Authentication challenges user with the NTLM dialog with an access denied error.
RTC 151777 / DE84661 Web Agent initializes though an agent is not configured to a website.
RTC 162301 / DE74396 The SMIDENTITY cookie gets deleted on log out.
RTC 162681 / DE73068 The Web Agent configuration wizard does not add the SSLClientAuth directive for any x509 authentication scheme.
RTC 142415 / DE66081 The Windows PATH variable appends duplicate values after reinstalling Web Agent.
RTC 137831/137834 / The web agent vulnerability in SMAUTHREASON with
DE72676/DE72835 non-numeric data is exposed to JSP/JavaScript attack.
RTC 137739/156919 / The SunOne WebAgent terminates abruptly when
DE72506/DE66473 a large URL ends with the '%' character.
R12.52 SP1 CR03
===========
September 21, 2015 SiteMinder Web Agent 12.52 SP01 CR03 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
161399 CSS Vulnerability (When URL contains % character at the end, Webagent is sending junk characters in response) in Siteminder forms templates (For non-agent framework).
R12.52 SP1 CR02
===========
July 17, 2015 SiteMinder Web Agent 12.52 SP01 CR02 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
53246/154235 After enabling the Web Agent, names.nsf and WebAgent logs are not displayed properly.
150033 Apache child process terminates abnormally.
71834 Agent on IIS 7.5 continuously restarts after second web site is added to the web server.
142331 SAMLDataPlugin fails to accept the UseSecureCookies ACO parameter for Web Agent on the target application of Service Provider.
46137 Web Agent configuration on RedHat 7 for Rehat Apache does not place the SSL tags in ssl.conf
124667 HTTP headers using methods other than OPTIONS and HEAD are not auto authorized.
153984 Configuration wizard is corrupting iPlanet server.xml
149188 When threshold percentage is set to more than 50%, web agent connections fail to connect to all the policy servers in the cluster. The following error occurs:
Unable to load SiteMinder agent configuration object. Check that you are using the right agent configuration object and that it exists in your policy server.
145807 The URL access request blocks when you access a URL which contains %c0%af with isAllowUTF8NonCanonical flag set to no in ACO.
141054/158053 Web agent does not recognize semi colon as a parameter delimiter.
155275 Upgrade CAPKI to version 4.3.8
R12.52 SP1 CR01
===========
February 13, 2015 SiteMinder Web Agent 12.52 SP01 CR01 contains fixe for the following tracking numbers:
Tracking # Problem description
---------- ---------------------------
137092 Cookie-domain functionality fails when you enable the smconnector at Service Provider side.
64778 Web Agent support for Apache 2.4 on Windows 2008 R2.
126082 SOA Security Manager uses basic credentials when there is no SOAP body in request for the resources that are protected with WS-Security AuthScheme.
119501 Agent fails to display log messages when you configure Domino Agent on IBM AIX.
70656 IIS w3wp process terminates intermittently under heavy load.
121054 IIS w3wp terminates abruptly and creates multiple log files in a shorter duration.
85711 Web Agent support for Apache graceful restart on LINUX.
98537 Agent forces re-authentication in a Multi-Domain SSO environment, when both the MASTER domain cookies expire.
R12.52 CR01
===========
March 4, 2014 SiteMinder Web Agent 12.52 CR01 contains fixes for the following tracking numbers:
Tracking # Problem description
---------- -------------------
This component is not released as part of 12.52 CR01.