The Qlik February 2020 release has been delayed by a couple of weeks due to a security vulnerability that recently surfaced with Node.js, which is impacting a large portion of the software industry. The release is expected to be delivered before the end of the month, with a target date of February 25th, as Qlik is actively running tests to ensure that the February GA release is stable and not affected by this security malware.
To read more about this vulnerability: https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/.
Uhm ok, but what about current version of Qlik Sense installed all over the world? How does this nodejs vulnerability impact those installations?
All - I have sent this discussion thread to the appropriate individuals - we should have a reply shortly.
All - I have been informed that patches will be released for previous releases. I don't have a time-frame - but they are actively working on the fixes. Please let me know if you have any other questions.
We have upgraded our systems to Qliksense Nov 2019. What about the impact on that? Do you recommend us upgrading to Feb 2020 just to avoid any risk? We have high security data in our app and my client is in Financial Services. Please advise us the next steps
Hi Lakshmi - I would upgrade to Feb 2020 once released if possible - but there will be patches for previous releases I am told. I just don't know when the previous patches will be available.
Thanks Mike. We have raised a ticket with Qlik on the same topic and Qlik has recommended we update the patch available for Nov 2019 when it is available. That will work for now.
We will look into Feb 2020 upgrade a little later as we need some more time to prepare the systems