PoolParty 10.1.1 Patch Release Notes

03/03/2025

The patch release notes cover resolved security issues and bug fixes.

Entropy of JESSIONID has been improved and the session ID generation logic is now centralized whereby the level of abstraction is at the component level.
User identities are avoided in the request URLs when accessing resources where appropriate.
USERDATA is no longer shown as response header.
A potential DoS (denial of service) during Web Crawl task is not possible.
com.fasterxml.jackson.core:jackson-core 2.18.3 has been updated to patched version 2.18.6 to mitigate GHSA-72hv-8253-57qq

When using Advanced Search on Concepts tab the Concept Index now works as intended.
The 'Unlink' function now works as intended when unlinking custom scheme/ontology from core ontologies.
Problems where on logging to PoolParty was redirected to SSO login has been resolved.
License problem when accessing for PoolParty GraphSearch has been resolved and if license is missing a corresponding error message is displayed.
To prevent loss of advanced URI settings during ppar import, the original URI generation can be kept by selecting "Keep the project settings" in the import dialog.
If problem occurs during project export a corresponding error message is displayed. Furthermore, labels can include values such as '+' without affecting the URIs and project can be exported as RDF/XML.
The redirect of the SPARQL endpoint of projects now works as intended.
Unauthenticated users are now automatically redirected back to the wiki frontend upon successful login.

In this section: