Geneva fixes

The Geneva release contains fixes to these problems.

For more information about how to upgrade an instance, see Upgrade to Geneva.

For more information about the release cycle, see the ServiceNow Release Cycle. For a downloadable, sortable version of Geneva fixed problems, see KB0598265.

Note: This version is approved for FedRAMP.
This topic lists security-related and notable fixes. For a complete list of fixes (PDF), see Fixed problems in the Geneva release (KB0552811).
Note: This version is approved for FedRAMP.

Security

Table 1. Security-related fixes in the Geneva release
Problem Short description
PRB621838 Stored Cross-Site Scripting in URL type field
PRB627529 Unprivileged users can create email notifications
PRB614430 Single Sign-On security enhancements
PRB607044 Reflective Cross-Site Scripting in Page Not Found
PRB632598 Cross-site scripting
PRB625499 Stored cross-site scripting
PRB627237 Security Enhancements for AppStore
PRB627248 A cross-site scripting issue occurs
PRB621842 A potential exists where a user may submit a specially crafted request to execute arbitrary JavaScript
PRB630355 A potential exists where an authenticated user can execute arbitrary queries
PRB648966 A potential exists where a user may submit a specially crafted request to allow limited execution of JavaScript
PRB632644 Reflected Cross-Site Scripting

Notable fixes

Notable fixes are fixes to problems that affected a significant number of customers or otherwise had a notable impact to the ServiceNow platform or its applications. For a complete list of fixes (PDF), see Fixed problems in the Geneva release (KB0552811).

Table 2. High-impact fixes in the Geneva release
Category Problem Short Description
Assessment PRB622639 Multiple issues with Risk Assessment popup related to various Question Types
CMS PRB630528 CMS buttons disappear when entering text into multi-line variable
Dev - Event Mgmt PRB642444 Scheduled job "Event Management - create/resolved incidents by alerts" triggers cache flush every 11 seconds after upgrade to Fuji Patch 7
Email PRB588444

Emails open very slowly from the list view of the sys_email table

Email PRB619994 Notification plugin adds column to sys_email making the shards in table rotation give a "Syntax Error or Access Rule Violation" error
Email PRB626176

Errors when referencing the "event" variable in Inbound Email Actions

Email PRB621236

TinyMCE is pre-pending a '/' to URL links in notifications created from Survey and other events

Email PRB606816 Pulling HTML fields into notifications using field substitution adds extra line breaks
Financial Management PRB625771 After installing IT Financial Management plugin, a script include is executed as a job that inserts an excessive amount of data
Form Rendering PRB624607

Possible to click "Submit" button multiple times when creating a record

Import / Export PRB633319 LDAP listeners stop functioning
Knowledge Management PRB629756

Knowledge v3 search and search results do not render correctly when glide.ui.escape_text is false

Knowledge Management PRB638127

Users without the admin role are unable to create knowledge articles

List Rendering PRB583235

Three New buttons display on Audit Records related list

List Rendering PRB623943

Setting "Time Ago" in related list does not display correct time

List Rendering PRB626309

The Related List Loading option "After Form Loads" automatically scrolls down to related lists on the record

MID Server PRB638266 MID server errors on Discovery after upgrade to Fuji
Mobile PRB598639 [Mobile UI] Smartphone interface: created ACLs not working correctly
Mobile PRB605880

Mobile App does not work with instances using SAML Authentication

Mobile PRB631927 Multi-Provider SSO External Authentication not redirecting properly in Mobile App upon login
Persistence PRB608472 New table rotation shards are not created when the dictionary collection entry of the previous shard goes missing
Persistence PRB604427 Creating a UNIQUE index via the UI with online alter enabled corrupts the table if the data is not unique
Persistence PRB643387 Sharding audit on a SQL gateway may cause a subquery against history lines to fail
Persistence PRB647370 Clone fails and stack overflow exception occurs after executing run-instance script
Persistence PRB646685 Table Cleaner job runs longer than expected and runs periodically for some tables
Platform as a Service PRB598173

Upgrading to Dublin deletes baseline homepages

Platform Security PRB582996

Dot-walked task fields do not display contents in other list layouts unless the user has the admin role

Project Management PRB641162 Project Portfolio gauge does not show the updated name if it is changed after being added
Reporting PRB622983

Scheduled report did not generate chart in PDF file

Reporting PRB619996

"Minimize" preference setting not retained for reports

Service Catalog PRB628088

In UI15, the list collector variable on a form registers a change that triggers the Confirm Navigation dialog box

Service Catalog PRB642841

Two threads attempting to use the same HashMap cause semaphores to hang

Service Catalog PRB623458

HTML tags display in read-only multi-line text variable

Service Catalog PRB629475

Service catalog items not sorted alphabetically

Service Catalog PRB639752

Customers using "Category.getItems" have stuck "/catalog_home.do" transactions, causing instance functionality degradations

Tables and Dictionary PRB626941

Dictionary Choice Field is blank in Fuji

User Interface (UI) PRB640361 [Microsoft Edge] 'Go to' field drop down in list search is misaligned
User Interface (UI) PRB637607

Workflow stages do not display correctly in Requested Items

User Interface (UI) PRB610493

Settings for the glide.ui.navpage.state user preference cause a browser to hang

User Interface (UI) PRB635426

After reloading or saving a record, the Activity Filter does not render Activity entries (such as the date/time stamp) when expanding

User Interface (UI) PRB609257

ui_page_footer raw HTML renders on redirect page after performing exact match global search

User Interface (UI) PRB635083 Attachments do not adhere to file type property and file size property constraints for non-admins
User Interface (UI) PRB626878

Reference fields made read-only using UI Policy or Client Script can still be edited using the lookup icon

User Interface (UI) PRB629794

Script fields do not render after upgrade to Fuji Patch 3 if high security plugin is not active on the instance

User Interface (UI) PRB641278

Table name and Table sys ID in sys_attachment are empty when attaching via TinyMCE editor

User Interface (UI) PRB626094

Compact Date/Time changes the timezone to PST

User Interface (UI) PRB628742

On Internet Explorer 9 and 10, using the Calendar (date picker) triggers the "Are you sure you want to leave this page?" dialog box

User Interface (UI) PRB593474 Creating a bookmark from a module results in an absolute link, which will break if the instance is cloned
User Interface (UI) PRB633258 Images are not showing in activity log
Visual Task Boards PRB631645 Unable to move VTB cards from one lane to another using the mouse on a Surface Pro in Windows 8 on the desktop UI
Workflow PRB627451

Approval User activity does not work when using group sys ID

Workflow PRB645417

The glide.workflow.script.strict property may be set to true after an upgrade unless it was explicitly set by the customer

Workflow PRB628101 Not all stages display in stage rendering widget when using Switch and Subflow