Edited December 5th: identified upgrades leading to complications with extensions Edited December 6th: added workaround for extension complication Edited December 10th: added CVEs (CVE-2024-55579 and CVE-2024-55580) Edited December 12th, noon CET: added new patch versions and visualization and extension fix details; previous patches were removed from the download site
Hello Qlik Users,
New patches have been made available and have replaced the original six releases. They include the original security fixes (CVE-2024-55579 and CVE-2024-55580) as well as QB-30633 to resolve the extension and visualization defect.
Today, we have released six service releases across the latest versions of Qlik Sense to patch the reported issue. All versions of Qlik Sense Enterprise for Windowsprior to and including these releases are impacted:
May 2024 Patch 9
February 2024 Patch 13
November 2023 Patch 15
August 2023 Patch 15
May 2023 Patch 17
February 2023 Patch 14
No workarounds can be provided. Customers should upgrade Qlik Sense Enterprise for Windows to a version containing fixes for these issues. November 2024 IR, released on the 26th of November, contains the fix as well.
November 2024 Initial Release
May 2024 Patch 10 or 11 (both valid)
February 2024 Patch 14 or 15 (both valid)
November 2023 Patch 16 or 17 (both valid)
August 2023 Patch 16 or 17 (both valid)
May 2023 Patch 18 or 19 (both valid)
February 2023 Patch 15 or 16 (both valid)
This issue only impacts Qlik Sense Enterprise for Windows. Other Qlik products including Qlik Cloud and QlikView are NOT impacted.
The Security Notice label is used to notify customers about security patches and upgrades that require a customer’s action. Please subscribe to the ‘Security Notice’ label to be notified of future updates.
Please review the relevant Release Notes to find out what issues are fixed in the patch you plan to use. The ID you mentioned can be found in the list.
Hi @Sonja_Bauernfeind May i ask i have upgraded to Qlik Sense May 2023 Patch 19 and NPrinting May 2023 Service Release 6, when i run the NPrinting task with QlikEntity type, there is error - ERROR: CEF rendering exception. Error during GRPC request.When I check the nprinting_engine_cef.log it says: "Engine.Navigator.QlikSense.SDK.Rendering.MashupLoadException: request with id xxxxxxxxxxxxxxxxx failed with remote error ErrorLoadurlTimeoutResult, mashup load failure. I have tried so many methods but the issue is still there. Kindly advise.
To troubleshoot upgrade issues, please post in the appropriate forum on the community or contact Support for more direct assistance. We are unable to provide you with troubleshooting help in this blog post thread.
Hi @Sonja_Bauernfeind , we currently have Qlik Sense Enterprise for Windows for the November 2022 release, do we have a security patch for that release?
November 2022 is outside of the 2 year support window.
You solution is going to be to upgrade to a version inside that 2 year window and patch that. Slightly more work but you get the bonus of new features.
No patches are available for Qlik Sense versions that fall outside of support. Please upgrade to a supported version to make use of continued patches and security fixes.
