Release date: 7 April 2022
Known Issues
As a host, trying to end a maintenance window through Swagger UI may fail. This happens because Swagger UI uses cookies for authentication, which are lost when you close the browser.
To end the maintenance mode via API, use one of the following workarounds:
- Do not close the browser and make the POST request to
/api/Maintenance/End
from the Swagger UI. - Use an API testing application (for example, Postman) to:
retrieve an access token by exchanging your credentials to the/api.Account/Authenticate
endpoint, and then
make a POST request to the/api/Maintenance/End
endpoint using theAuthorization: Bearer {access_token}
header.
Bug Fixes
An issue was fixed that would allow an attacker with privileged access to a robot to retrieve the LicenseKey (MachineKey) of other robots within the same tenant by brute forcing API calls to Orchestrator. This would theoretically allow the attacker to access resources restricted only to that robot.
Read the security advisory for UiPath - Robot Account Takeover.
See Activity Package Versions
The following activity packages and versions are included in the UiPathOrchestrator.msi
installer:
Activity Pack | Version |
---|---|
UiPath.UIAutomation.Activities | v21.4.4 |
UiPath.System.Activities | v21.4.1 |
UiPath.Mail.Activities | v1.10.5 |
UiPath.Excel.Activities | v2.10.4 |
UiPath.IntelligentOCR.Activities | v4.13.2 |
UiPath.PDF.Activities | v3.4.0 |
UiPath.Terminal.Activities | v2.2.0 |
UiPath.Web.Activities | v1.7.0 |
UiPath.Word.Activities | v1.6.4 |
UiPath.Form.Activities | v1.1.11 |
UiPath.Persistence.Activities | v1.2.2 |
UiPath.Presentations.Activities | v1.1.5 |
UiPath.MobileAutomation.Activities | v21.4.3 |
UiPath.Testing.Activities | v1.3.3 |
Updated 11 months ago