Qlik Community

Support Updates Blog

Important and useful support information about end-of-product support, new service releases, and general support topics.

Announcements
Support Case Portal has moved to Qlik Community! Read the FAQs to start exploring Support resources.
Pamela_Whitney
Support
Support

Qlik releases new QlikView Service Releases and new Qlik Sense Patches to address a security vulnerability.

Dear Qlik users,

Today we have released four new service releases across all currently supported major versions of QlikView* and six new patches across the latest versions of Qlik Sense. If you are using the following versions, this information is for you:

  • QlikView 11.20
  • QlikView 12.00*
  • QlikView 12.10
  • QlikView 12.20
  • QlikView 12.30
  • Qlik Sense Enterprise any 2017 version or prior
  • Qlik Sense Enterprise February 2018
  • Qlik Sense Enterprise April 2018
  • Qlik Sense Enterprise June 2018
  • Qlik Sense Enterprise September 2018
  • Qlik Sense Enterprise November 2018
  • Qlik Sense Enterprise February 2019 

These new service releases and patches include a fix for a security vulnerability, details of which can be found in Security Bulletin SB 000069985.

Known internally as QLIK-94388, each new service release and patch includes, at the minimum, the fix for this vulnerability. The patches for the following Qlik Sense releases also includes other, non-security related product defect fixes.

  • June 2018 Patch 3
  • September 2018 Patch 4
  • November 2018 Patch 4

For details, please see the attached release notes.  For all other release notes, please refer to our download site.

Please note this patch is branched directly for the latest patch. For example, by applying Qlik Sense February 2019 Patch 2, you will also receive every fix released in Qlik Sense February Patch 1. For more details about the fixes applied in the previous patch(es), please have a look at the release note. 

The information in this post and Security Bulletin 000069985 are disclosed in accordance with our published Security and Vulnerability Policy.

 

Updated 5/1/2019: For further reference, we have created a list of frequently asked questions and answers which can be found here SB 000069985 FAQ.  

 

* QlikView 12.00 is no longer officially supported.   QlikView 11.20 is under Extended Support.

24 Comments
rzenere_methode
Partner
Partner

I confirm the same behaviour with the Security Rule also on September 2018.
I believed it was related to the previous Patch, that was skipped for this last one.

0 Likes
6,195 Views
analienx
Contributor III
Contributor III

Hi @rzenere_methode  indeed this is serious issue as you can read in my post :

https://community.qlik.com/t5/Qlik-Support-Updates-Blog/Qlik-Sense-November-2018-Patch-3-is-now-avai...

Since fixing security vulnerability is basically a must for most of companies one has to think about new development approach and security rules/custom properties change to adjust this.

 

0 Likes
6,151 Views
Ronnie_Taborn
Support
Support

Or,

Thank you  for bringing this to the attention of Qlik support. I work on the escalations team. Did you upgrade from an older version like November 2018 or September 2018 to February 2019?   

6,070 Views
Or
Master
Master

@Ronnie_TabornUpgraded from February 2019 to the current patch. I believe we had the initial release of February 2019 but I'm not entirely sure - this was a little bit of a rush job to squeeze the upgrade into a previously-scheduled maintenance window under the assumption that no significant testing would be required.

0 Likes
6,035 Views
Ronnie_Taborn
Support
Support

Or,

I installed February 2019 IR and created some test apps with the default image thumbnail.  I installed the February Patch 1 and the default thumbnails changed from the Qlik circles to a blue background. I created some more apps and changed the thumbnail  from to something custom and installed February Patch 1. The thumbnails didn't change for the custom apps. The thumbnail change is the default for February Patch 1 and Patch 2.  The change isn't a bug but the default.  We are updating the documentation.  Please let me know if you have any questions. 

0 Likes
5,953 Views
Bill_Britt
Support
Support

It does look like the change was with Patch 1

0 Likes
5,920 Views