diff --git a/modules/release-notes/pages/index.adoc b/modules/release-notes/pages/index.adoc index d011b5cb..18c3ce2b 100644 --- a/modules/release-notes/pages/index.adoc +++ b/modules/release-notes/pages/index.adoc @@ -257,6 +257,40 @@ Permit users having the new prilivege `APP_ACCESS_LOG` (included in the `globald == Fixed issues +=== Fixed and Improved in 4.1.4 + +==== Functionality + +* Fixed an issue that affected GSQL startup reliability during upgrades by addressing a library loading condition (GLE-11223). +* Fixed an issue in GraphStudio that prevented the Proxy Group tab under All Users from loading correctly (APPS-3973). +* Fixed an issue where token generation could become unresponsive during schema change operations by optimizing the workflow (GLE-11726). +* Fixed an issue that caused intermittent errors during legacy token validation (GLE-11714). +* Fixed an issue where CPU utilization in engine logs appeared lower than expected in Docker and Kubernetes environments (CORE-5320). +* Fixed an issue where users with `querywriter` permissions encountered a `query not found` message when using Save As in GraphStudio (APPS-4066). +* Fixed an issue where users with the `CREATE_QUERY` privilege were unable to create new queries in GraphStudio (APPS-4002). + +==== Improvements + +* Improved the accuracy of license-related alerts by refining vertex count calculations (CORE-5116). +* Improved accessibility in GraphStudio with enhanced keyboard navigation and screen-reader support (APPS-4078). +* Improved overall accessibility in GraphStudio, including navigation consistency, color contrast, and interactive element behavior (APPS-4076). +* Added support for configuring file permissions when exporting results using `PRINT TO_CSV`, providing more flexibility than fixed defaults (GLE-11320). +* Improved upgrade logs with clearer messaging during version installation steps (TP-8428). + +==== Security + +* Refined loading job summary output by replacing detailed error information with line numbers for invalid entries (TP-8627). +* Improved configuration security by masking AWS credential values in `gadmin` outputs (TP-8532). +* Strengthened API behavior for `/auth/simple` and `/internal/info` by limiting unnecessary metadata visibility (GLE-10745). +* Improved system behavior during cluster changes by addressing a condition affecting GPE when replica counts varied (CORE-4966). +* Improved MaxFlow algorithm consistency to ensure results match documented examples (GLE-10736). +* Third-party Vulnerabilities NOT impacting TigerGraph: ++ +Fixed the following security vulnerabilities: CVE-2023-7008, CVE-2024-6763, CVE-2025-0913, CVE-2025-11226, CVE-2025-22233, CVE-2025-22871, CVE-2025-22874, CVE-2025-27817, CVE-2025-27818, CVE-2025-27819, CVE-2025-41234, CVE-2025-41242, CVE-2025-41249, CVE-2025-4673, CVE-2025-46701, CVE-2025-47907, CVE-2025-48734, CVE-2025-48924, CVE-2025-48988, CVE-2025-48989, CVE-2025-49125, CVE-2025-49146, CVE-2025-52520, CVE-2025-53506, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, and CVE-2025-58457. ++ +Third-party Vulnerability impacting TigerGraph: None + + === Fixed and Improved in 4.1.3 ==== Functionality