Note, cd browser 07 and higher must now run with the Java Runtime Environment (jre) 5 or higher. List of Fixes (or Enhancements) included in Connect: Direct Browser User Interface 5 2

1. 
   QC 19263 Allow special characters in the local user proxy password.
   
2. 
   R330660 Upgraded jetty jars to resolve the DoS vulnerability issue.
   
3. 
   R336997 Added idle session timeout.
   
4. 
   R374022 MHTML, XSS error avoidance.
   
5. 
   R398885 JRE Upgrade
   
6. 
   R401217 Support Windows userids with embedded blanks.
   
7. 
   R402741 New C:D z/OS NETMAP keywords
   
8. 
   R435060 Updated Add/Change User Proxy Upload/Download to display "User" radio button only for C:D Windows.
   
9. 
   R448380 Upgraded java to IBM JRE 1.7.0. SR7 FP1
   
10. 
    R449438 Updated installation to support Windows Server 2012 r202.
    
11. 
    R464106 Description of problem: A C:D Process that contains single quotes within the double-quoted sysopts received a parsing error from the C:D server.
    Description of fix: Convert the HTML code ' to single quotes before encrypting the process text and sending it to the C:D server.
    
12. 
    R469518 Upgraded java to IBM JRE 1.7.0 SR9 FP10. Changed property file directory when using Liberty. Updated CDJAI.
    

2. SR 1371366 – Disabled directory browsing on the Jetty web server. The admin password in the trace file is obfuscated as well. The documentation for C: D Browser is now available from the Help Menu under Documentation. The user should navigate to the following URL to access C: D Browser (http://:

3. QC 13601 – Support for Netmap Checking LOCAL|REMOTE for C:D UNIX. Included updated C:D JAI jar with support for submitting processes > 8K.

4. QC 13903 – Modified the SubmitterParm method in C:D JAI Parser code to retreive statistics for z/OS by providing a submitter id.

5. QC 14356 – Changed the jettyBrowser.xml and webdefaultoverride.xml files to ASCII for z/OS installation.

6. QC 14419 – Allow "DAILY" keyword on start time.

7. QC 15182 – Honor setting of trace from configuration file.

8. New HTML help to remove DOM Based Cross-Site Scripting vulnerability.

9. Jetty Server upgraded to 6.1.21

10. The default logging level for C: D Browser is now set to “Minimal”. To change the logging level, navigate to the Configuration Menu and click on the System tab to select a different option.

11. Fixed the cross-site scripting issue

12. Removed references to AT&T.

13. Users can no longer access the property folder or the trace file from the browser.

14. Allow special characters in the local user proxy password.

15. Added support for Windows 7, 2008 and Vista.

16. Allow special characters in the local user proxy password

17. R330660 Upgraded jetty jars to resolve the DoS vulnerability issue.

2. SR 1368119 – Fixed issue with attempting to override a snode password with an ‘!’ was not allowed when submitting a process.

3. TD 262 - Added support for modified version value passed by CD UNIX 3.6.01+.

4. SR 1368496 – Added support for alt_comm_outbound and alternate comminfo in C:D Windows and C:D UNIX Netmap when appropriate.

5. SR 1368496 – Allow keywords to be specified with no value by accepting or ‘~[DATA]’.

6. Enhancement Request – Provide support for Group Authorities on Windows; Functional Authorities now include User Authorities and Group Authorities.

7. SR 1370062- Processes imported through the Process Builder can override the PNODEID or SNODEID with a user id and no password.

List of Fixes (or Enhancements) included in Connect:Direct Browser User Interface 1.4.08
8. SR 1366944 - Fixed Byte Count value in the Select Process Details screen from being displayed as a negative value when a large value is returned by the CD server.

9. SR 1366941 - Added default values when creating a new User Authority or Proxy object within CD Browser.

10. SR 1367037 – Fixed PDS member selection within the File Browser component. Members selected within a PDS are now formatted properly. Also, fixed issue when attempting to browse for a file using Mozilla Firefox.

11. SR 1367249 – Fixed issue where users that changed the default keystore location or password would not be able to startup CD Browser.

12. SR 1367249 – Fixed issue where users that changed the default truststore location on IBM AIX could not establish a secure connection to Connect:Direct.

13. Enhancement Request - Processes can now be changed, deleted, suspended via a popup menu, retaining the data on the main screen even after a processes has been modified.

7. Upgraded JRE (1.5.12) shipped with CD Browser which removes several security vulnerabilities.

8. SR # 1366213 - Fixed issue where symbolic variables were not being included in processes constructed in the Process Builder which caused process validation and submits to fail.

9. TD 257. Added Submit DSN field to Select Statistics Detail page.

10. Upgraded CD Browser internal CD JAI library which requires CD Browser to run with Java Runtime Environment 1.5 or greater.

11. TD 258. Added ALT.NODE and Type fields to Select Statistics Detail page.

12. Updated installer to support Windows Vista.
List of Fixes (or Enhancements) included in Connect:Direct Browser User Interface 1.4.06
Note, the Java installation will not be posted to the Support on Demand website due to an incompatibility with the Jetty servlet container not supporting the z/OS platform. The next maintenance release of Connect:Direct Browser will contain the z/OS compatible installer and will be due out a month after the 1.4.06 release. Estimated date for 1.4.07 release is 8/31/07.
13. SR #1365672 - Process import issue when the user is using IE 6 with HTTPS the file upload component fails due to a bug in IE.  Bumped up socket timeout (maxIdleTime) value for the jetty service so customer has longer to import a process.

14. SR #1366004 - Upgraded servlet container to Jetty 6.1.1 for security updates, JSP source file display and weak encryption fixes.

15. Upgraded installer to install JRE 1.5 rather than 1.4.2.

16. SR #1365958 – Fixed issue when specifying source or destination filename criteria in select statistics no data was returned.