Note, CD Browser 1.4.07 and higher must now run with the Java Runtime Environment (JRE) 1.7 or higher. List of Fixes (or Enhancements) included in Connect:Direct Browser User Interface 1.5.0.2 1. QC 19263 Allow special characters in the local user proxy password. 2. R330660 Upgraded jetty jars to resolve the DoS vulnerability issue. 3. R336997 Added idle session timeout. 4. R374022 MHTML, XSS error avoidance. 5. R398885 JRE Upgrade 6. R401217 Support Windows userids with embedded blanks. 7. R402741 New C:D z/OS NETMAP keywords 8. R435060 Updated Add/Change User Proxy Upload/Download to display "User" radio button only for C:D Windows. 9. R448380 Upgraded java to IBM JRE 1.7.0. SR7 FP1 10. R449438 Updated installation to support Windows Server 2012 r202. 11. R464106 Description of problem: A C:D Process that contains single quotes within the double-quoted sysopts received a parsing error from the C:D server. Description of fix: Convert the HTML code ' to single quotes before encrypting the process text and sending it to the C:D server. 12. R469518 Changed directory for properties when using Liberty to be defaultServer/cdbrowser instead of temporary workarea. Updated CDJAI to pick up fix 14. 13. R469518 Upgraded java to IBM JRE 1.7.0 SR9 FP10. Changed property file directory when using Liberty. Updated CDJAI. 14. R478059 When creating the property files for CDBrowser configuration, don't change the path to lowercase letters, which causes an extra directory structure in UNIX. 15. R482823 Correctly retrieve the specified keystore from the system properties for use by Jetty, so that if the default keystore.jks is renamed or removed, there won't be errors. 16. R492657 Upgraded java to IBM JRE 1.7.0.9.30 SR9 FP30. 17. R506015 Removed default error handler so context directories are not displayed. R506016 Added custom error handler so that stack traces are not displayed for exceptions. R504886 Update installation to automatically deploy upgrades and persist property settings. 18. Upgraded Java to IBM JRE 1.7.0.9.50 SR9 FP50 19. Upgraded Java to IBM JRE 1.8.0.4.1 (1.8.0.3.20 for HI-IA) and changed the keycert in keystore.jks to SHA-256 20. Upgraded Java to IBM JRE 8.0.5.11 (8.0.5.10 for Solaris and HP-IA ) 21. Upgraded Java to IBM JRE 8.0.5.17 (8.0.5.15 for Solaris and HP-IA ) 22. Upgraded Java to IBM JRE 8.0.5.22 (8.0.5.17 for SolariSparc, SolarisIntel & HP-IA). Updated the CDAIJ JAR MFT-9949 Updated jasper-runtime-5.5.23.jar from jasper-runtime-5.5.15.jar Updated Jetty Version to 9.4.6 23. MFT10057 Updated Jetty Version to 9.4.14 Resolved version disclosure issue with iFix22 24. MFT-10208 Upgraded java to IBM JRE 8.0.5.30 MFT-10296 Upgraded java to IBM JRE 8.0.5.30 Clickjacking Issue fixed removed struts 1 references from C:D Browser code. 25. MFT-10392 Upgraded java to IBM JRE 8.0.5.37 Jetty update to 9.4.19 26. CDBR-1521 Jasper -runtime upgrade Upgraded Java to IBM JRE 8.0.6.5