From 1f988b1ce123454d15180096e01d050033d40b43 Mon Sep 17 00:00:00 2001 From: Tushar-TG-14 Date: Fri, 31 Oct 2025 19:36:35 +0530 Subject: [PATCH 1/3] DOC-3035: Added bug fixes for version 4.1.4 Added details on fixed issues, improvements, and security enhancements in version 4.1.4. --- modules/release-notes/pages/index.adoc | 29 ++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/modules/release-notes/pages/index.adoc b/modules/release-notes/pages/index.adoc index d011b5cb..7951e58a 100644 --- a/modules/release-notes/pages/index.adoc +++ b/modules/release-notes/pages/index.adoc @@ -257,6 +257,35 @@ Permit users having the new prilivege `APP_ACCESS_LOG` (included in the `globald == Fixed issues +=== Fixed and Improved in 4.1.4 + +==== Functionality + +* Fixed issue where GSQL occasionally failed to start during upgrade due to invalid or corrupted library files (GLE-11223). +* Fixed issue where GraphStudio became inaccessible in certain areas of the Admin Portal, including the Proxy Group tab under *All Users* (APPS-3973). +* Fixed issue where JWT token generation could become unresponsive during schema change operations caused by an unnecessary lock (GLE-11726). +* Fixed issue where legacy token validation occasionally failed with a `NoSuchElementException` error (GLE-11714). +* Fixed issue where engine logs displayed lower-than-actual CPU utilization in Docker and Kubernetes environments (CORE-5320). + +==== Improvements + +* Fixed issue that caused false alerts for exceeding license limits due to incorrect vertex count reporting (CORE-5116). +* Improved accessibility in GraphStudio for screen readers and keyboard navigation (APPS-4078). +* Improved overall accessibility in GraphStudio, addressing issues with Logout/Menu buttons, color contrast, and navigation consistency (APPS-4076). +* Added support for configuring file permissions when exporting query results with `PRINT TO_CSV`, instead of using hardcoded defaults (GLE-11320). +* Improved upgrade logs with a clearer message: Installation of new TigerGraph version (TP-8428). + +==== Security + +* Eliminated the potential exposure of personally identifiable information (PII) in loading job summary files by replacing detailed data with line numbers for invalid entries (TP-8627). +* Eliminated a security vulnerability that allowed AWS credentials to be read in plain text using the gadmin config get command. These values are now masked (TP-8532). +* Fixed unauthorized exposure of graph name and creator information via the `/auth/simple` and `/internal/info` APIs (GLE-10745). +* Fixed a GPE crash caused by removing a cluster node or when a Disaster Recovery cluster has fewer replicas than the primary cluster (CORE-4966). +* Fixed the MaxFlow algorithm to return correct results, consistent with documented examples (GLE-10736). +* Fixed the following security vulnerabilities: +CVE-2023-7008, CVE-2024-6763, CVE-2025-0913, CVE-2025-11226, CVE-2025-22233, CVE-2025-22871, CVE-2025-22874, CVE-2025-27817, CVE-2025-27818, CVE-2025-27819, CVE-2025-41234, CVE-2025-41242, CVE-2025-41249, CVE-2025-4673, CVE-2025-46701, CVE-2025-47907, CVE-2025-48734, CVE-2025-48924, CVE-2025-48988, CVE-2025-48989, CVE-2025-49125, CVE-2025-49146, CVE-2025-52520, CVE-2025-53506, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, and CVE-2025-58457. + + === Fixed and Improved in 4.1.3 ==== Functionality From 3a1690750bbcc19141488f9f6d167d80836f8085 Mon Sep 17 00:00:00 2001 From: Tushar-TG-14 Date: Wed, 19 Nov 2025 00:05:17 +0530 Subject: [PATCH 2/3] DOC-3035: Add fixes for GraphStudio query errors --- modules/release-notes/pages/index.adoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/release-notes/pages/index.adoc b/modules/release-notes/pages/index.adoc index 7951e58a..813d69ef 100644 --- a/modules/release-notes/pages/index.adoc +++ b/modules/release-notes/pages/index.adoc @@ -266,6 +266,8 @@ Permit users having the new prilivege `APP_ACCESS_LOG` (included in the `globald * Fixed issue where JWT token generation could become unresponsive during schema change operations caused by an unnecessary lock (GLE-11726). * Fixed issue where legacy token validation occasionally failed with a `NoSuchElementException` error (GLE-11714). * Fixed issue where engine logs displayed lower-than-actual CPU utilization in Docker and Kubernetes environments (CORE-5320). +* Fixed issue where a user with `querywriter` permissions encountered a `query not found` error when attempting to Save As a query in GraphStudio (APPS-4066). +* Fixed issue where a user with the `CREATE_QUERY` privilege failed to create a new query in GraphStudio, reporting a `query not found` error (APPS-4002). ==== Improvements From e8c92a517f73f38b40756fbe79514302c7538f2c Mon Sep 17 00:00:00 2001 From: Tushar-TG-14 Date: Fri, 21 Nov 2025 16:33:29 +0530 Subject: [PATCH 3/3] DOC-3035: Update release notes for version 4.1.4 Refined various fixes and improvements in GSQL, GraphStudio, and security configurations, enhancing functionality, accessibility, and system reliability. --- modules/release-notes/pages/index.adoc | 41 ++++++++++++++------------ 1 file changed, 22 insertions(+), 19 deletions(-) diff --git a/modules/release-notes/pages/index.adoc b/modules/release-notes/pages/index.adoc index 813d69ef..18c3ce2b 100644 --- a/modules/release-notes/pages/index.adoc +++ b/modules/release-notes/pages/index.adoc @@ -261,31 +261,34 @@ Permit users having the new prilivege `APP_ACCESS_LOG` (included in the `globald ==== Functionality -* Fixed issue where GSQL occasionally failed to start during upgrade due to invalid or corrupted library files (GLE-11223). -* Fixed issue where GraphStudio became inaccessible in certain areas of the Admin Portal, including the Proxy Group tab under *All Users* (APPS-3973). -* Fixed issue where JWT token generation could become unresponsive during schema change operations caused by an unnecessary lock (GLE-11726). -* Fixed issue where legacy token validation occasionally failed with a `NoSuchElementException` error (GLE-11714). -* Fixed issue where engine logs displayed lower-than-actual CPU utilization in Docker and Kubernetes environments (CORE-5320). -* Fixed issue where a user with `querywriter` permissions encountered a `query not found` error when attempting to Save As a query in GraphStudio (APPS-4066). -* Fixed issue where a user with the `CREATE_QUERY` privilege failed to create a new query in GraphStudio, reporting a `query not found` error (APPS-4002). +* Fixed an issue that affected GSQL startup reliability during upgrades by addressing a library loading condition (GLE-11223). +* Fixed an issue in GraphStudio that prevented the Proxy Group tab under All Users from loading correctly (APPS-3973). +* Fixed an issue where token generation could become unresponsive during schema change operations by optimizing the workflow (GLE-11726). +* Fixed an issue that caused intermittent errors during legacy token validation (GLE-11714). +* Fixed an issue where CPU utilization in engine logs appeared lower than expected in Docker and Kubernetes environments (CORE-5320). +* Fixed an issue where users with `querywriter` permissions encountered a `query not found` message when using Save As in GraphStudio (APPS-4066). +* Fixed an issue where users with the `CREATE_QUERY` privilege were unable to create new queries in GraphStudio (APPS-4002). ==== Improvements -* Fixed issue that caused false alerts for exceeding license limits due to incorrect vertex count reporting (CORE-5116). -* Improved accessibility in GraphStudio for screen readers and keyboard navigation (APPS-4078). -* Improved overall accessibility in GraphStudio, addressing issues with Logout/Menu buttons, color contrast, and navigation consistency (APPS-4076). -* Added support for configuring file permissions when exporting query results with `PRINT TO_CSV`, instead of using hardcoded defaults (GLE-11320). -* Improved upgrade logs with a clearer message: Installation of new TigerGraph version (TP-8428). +* Improved the accuracy of license-related alerts by refining vertex count calculations (CORE-5116). +* Improved accessibility in GraphStudio with enhanced keyboard navigation and screen-reader support (APPS-4078). +* Improved overall accessibility in GraphStudio, including navigation consistency, color contrast, and interactive element behavior (APPS-4076). +* Added support for configuring file permissions when exporting results using `PRINT TO_CSV`, providing more flexibility than fixed defaults (GLE-11320). +* Improved upgrade logs with clearer messaging during version installation steps (TP-8428). ==== Security -* Eliminated the potential exposure of personally identifiable information (PII) in loading job summary files by replacing detailed data with line numbers for invalid entries (TP-8627). -* Eliminated a security vulnerability that allowed AWS credentials to be read in plain text using the gadmin config get command. These values are now masked (TP-8532). -* Fixed unauthorized exposure of graph name and creator information via the `/auth/simple` and `/internal/info` APIs (GLE-10745). -* Fixed a GPE crash caused by removing a cluster node or when a Disaster Recovery cluster has fewer replicas than the primary cluster (CORE-4966). -* Fixed the MaxFlow algorithm to return correct results, consistent with documented examples (GLE-10736). -* Fixed the following security vulnerabilities: -CVE-2023-7008, CVE-2024-6763, CVE-2025-0913, CVE-2025-11226, CVE-2025-22233, CVE-2025-22871, CVE-2025-22874, CVE-2025-27817, CVE-2025-27818, CVE-2025-27819, CVE-2025-41234, CVE-2025-41242, CVE-2025-41249, CVE-2025-4673, CVE-2025-46701, CVE-2025-47907, CVE-2025-48734, CVE-2025-48924, CVE-2025-48988, CVE-2025-48989, CVE-2025-49125, CVE-2025-49146, CVE-2025-52520, CVE-2025-53506, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, and CVE-2025-58457. +* Refined loading job summary output by replacing detailed error information with line numbers for invalid entries (TP-8627). +* Improved configuration security by masking AWS credential values in `gadmin` outputs (TP-8532). +* Strengthened API behavior for `/auth/simple` and `/internal/info` by limiting unnecessary metadata visibility (GLE-10745). +* Improved system behavior during cluster changes by addressing a condition affecting GPE when replica counts varied (CORE-4966). +* Improved MaxFlow algorithm consistency to ensure results match documented examples (GLE-10736). +* Third-party Vulnerabilities NOT impacting TigerGraph: ++ +Fixed the following security vulnerabilities: CVE-2023-7008, CVE-2024-6763, CVE-2025-0913, CVE-2025-11226, CVE-2025-22233, CVE-2025-22871, CVE-2025-22874, CVE-2025-27817, CVE-2025-27818, CVE-2025-27819, CVE-2025-41234, CVE-2025-41242, CVE-2025-41249, CVE-2025-4673, CVE-2025-46701, CVE-2025-47907, CVE-2025-48734, CVE-2025-48924, CVE-2025-48988, CVE-2025-48989, CVE-2025-49125, CVE-2025-49146, CVE-2025-52520, CVE-2025-53506, CVE-2025-55163, CVE-2025-58056, CVE-2025-58057, and CVE-2025-58457. ++ +Third-party Vulnerability impacting TigerGraph: None === Fixed and Improved in 4.1.3