VeriStand 2023 Q4 Bug Fixes

Overview

The following items are notable issues fixed between the release of VeriStand 2023 Q3 and VeriStand 2023 Q4, including additional patches and service packs. If you have an issue ID, you can search this list to validate that the issue has been fixed. This is not an exhaustive list of issues fixed in the current version of VeriStand.

Bug Number

Legacy ID

Description

Details

2442342

VeriStand crash when input wire of a calculated channel is broken

If a calculated channel node on the mapping diagram has been modified from the system definition, and it contains a broken or disconnected wire leading into its input, attempting to save crashes VeriStand. This can occur when a calculated channel's input is mapped to a destination channel.

Workaround:

There is currently no known workaround for this issue.

Reported Version:

VeriStand 2023 Q1 | VeriStand 2023 Q2

Resolved Version:

VeriStand 2023 Q4

Added:

Oct 13, 2023

2522427

VeriStand Custom Device Offline API leaks .NET handles when adding sections and channels

The custom device offline API, valuable for performantly adding items to a VeriStand system definition, leaks memory which can prevent its successful use in large custom devices.

Workaround:

There is currently no known workaround for this issue.

Reported Version:

VeriStand 2023 Q3

Resolved Version:

VeriStand 2023 Q4

Added:

Oct 13, 2023

2323294

Undeploying from remote host through VeriStand Editor results in disconnect rather than undeploy

When connected to a remote gateway, undeploying from the VeriStand editor results in disconnecting from the target rather than undeploying.

Workaround:

Workaround: either undeploy locally, use the legacy project explorer, or the .NET API.

Reported Version:

VeriStand 2023 Q2

Resolved Version:

VeriStand 2023 Q4

Added:

Oct 13, 2023

Fix Security Issue for CVE-2024-6805: Missing Authorization Checks in VeriStand Gateway

The VeriStand Gateway does not perform authorization checks when the users attempt to access it's services. This may result in information disclosure or remote code execution.

Workaround:

To ensure the security of the VeriStand Gateway on your system against unauthorized remote access, adhere to the guidelines in this document.

Reported Version:

VeriStand 2021 R3 | VeriStand 2023 Q4

Resolved Version:

VeriStand 2023 Q4 Patch 1

Added:

N/A

Fix Security Issues for CVE-2024-6675 and CVE-2024-6793: Deserialization of Untrusted Data in VeriStand

Deserialization of untrusted data may result in remote code execution while opening a project, using data logging and waveform streaming services of VeriStand Gateway

Workaround:

There is currently no known workaround for this issue.

Reported Version:

VeriStand 2021 R3 | VeriStand 2023 Q4

Resolved Version:

VeriStand 2023 Q4 Patch 1

Added:

N/A

Fix Security Issue for CVE-2024-6791: Susceptibility to "directory traversal attack" when loading vsmodels

A directory path traversal vulnerability exists when loading a vsmodel file in VeriStand that may result in remote code execution.

Workaround:

There is currently no known workaround for this issue.

Reported Version:

VeriStand 2021 R3 | VeriStand 2023 Q4

Resolved Version:

VeriStand 2023 Q4 Patch 1

Added:

N/A

Additional Patch Information

Installing some patches may require certain additional steps or considerations. Please refer to the following table for more information about patches for this release.

These patches currently do not have any special instructions.

Glossary of Terms

 

  • Bug ID - When an issue is reported to NI, you may be given this ID or find it on ni.com.  You may also find IDs posted by NI on the discussion forums or in KnowledgeBase articles.
  • Legacy ID – An older issue ID that refers to the same issue.  You may instead find this issue ID in older known issues documents.
  • Description - A few sentences which describe the problem. The brief description given does not necessarily describe the problem in full detail.
  • Workaround - Possible ways to work around the problem.
  • Reported Version - The earliest version in which the issue was reported.
  • Resolved Version - Version in which the issue was resolved or was no longer applicable. "N/A" indicates that the issue has not been resolved.
  • Date Added - The date the issue was added to the document (not the reported date).