
DRS 6.1.21 - September 10, 2025

Updated by Andrew Dotto

Development of DRS Version 6.1.21 is now complete and was released in September 2025. DRS 6.1.21 contains a number of component upgrades and fixes to ensure the product remains stable and secure. It can be deployed as a patch to version 6.1.20.

New and Improved Functionality

Component Update: Apache 2.4.65

What have we done?

Tomcat and Apache components have been updated in line with our release policy and guidelines.

Why have we done this?

Improving the security standing of our products is a key tenet of our development strategy.

How will you benefit?

DRS security is improved through a stronger security posture.

Details of the change

The above-noted Apache and Tomcat versions will be deployed with the DRS 6.1.21 release.

NOTE: A manual command must be run on upgrade to ensure this deploys. Please read the README file within the release for more information.


Component Update: Spring4Shell

What have we done?

Spring4Shell components have been updated in line with our release policy and guidelines.

Why have we done this?

Improving the security standing of our products is a key tenet of our development strategy.

How will you benefit?

DRS security is improved through a stronger security posture.

Details of the change

A vulnerability was reported with the Spring4Shell framework in use in some of the components within DRS. A full investigation has been carried out and we can confirm that DRS is not affected by the exploit. The exploit requires:

- JDK 9 or higher
- Apache Tomcat as the Servlet container
- Packaged as a WAR
- spring-webmvc or spring-webflux dependencies

As DRS 6 and DRS 6.1 do not meet these prerequisites, we are not vulnerable to the exploit. However, where it has been possible to upgrade the Spring4Shell framework, this has been done to Spring4Shell 4.3.30. Opportunities to further upgrade this framework will be explored in later releases as priority allows.



Fixes and Resolutions

| Type | Issue ID | Description | Change Notes |
|---|---|---|---|
| Bug | DRS-9034 | Map Server Location and Domain Update | As part of our ongoing efforts to improve and secure our product, we have moved our Map Server to better align with our domain naming conventions and security policies. The new location will now be set by default for all new customers and upgrades. |
| Defect | DRS-9132 | Project Planner Close Project Command Improved | Changes have been made to the Close Project command, and other commands which update the status of Projects and Project Packages to a status of Completed. These commands will now exclude any objects which are already set to a status of 'Completed' and no longer attempt to update Business Data Objects on any related Objects. |
| Defect | DRS-9132 | Purge Historical and Housekeeping Commands improved and hardened | An issue was found when the housekeeping encountered bad data and duplicate objects within logging and planning archive tables. This has been improved to allow the service to remove duplicate rows without encountering an error, ensuring the service completes as expected. |
| Defect | DRS-8500 | A vulnerability has been reported within the Spring4Shell framework | A vulnerability was reported with the Spring4Shell framework in use in some of the components within DRS. A full investigation has been carried out and we can confirm that DRS is not affected by the exploit. The exploit requires: JDK 9 or higher; Apache Tomcat as the Servlet container; packaged as a WAR; spring-webmvc or spring-webflux dependencies. As DRS 6 and DRS 6.1 do not meet these prerequisites, we are not vulnerable to the exploit. However, where it has been possible to upgrade the Spring4Shell framework, this has been done to Spring4Shell 4.3.30. Opportunities to further upgrade this framework will be explored in later releases as priority allows. |
| Defect | DRS-8616 | Updating Time / Duration / Worker on planning board does not update the project screen | An issue was found when updating the scheduled duration from the Project Planner Planning Board. It was noted that the Worker Assignment values were not updated in line with the updates to the Project Package. This has now been resolved and the new time will be updated in the field EFFORT TO BE COMPLETED. Original Effort will not be updated. |
| Defect | DRS-8617 | Split button is disabled on Project Package screen | It was reported that once a Project Package within a Project had been completed, the SPLIT and COMBINE buttons were not available to use with the remaining Project Packages on the Sublist. This behaviour has now changed to have the SPLIT and COMBINE buttons permanently available. A check will be performed on the package when the option is selected to ensure the operation is valid. A warning will be displayed to the user if the operation is invalid. |
| Defect | DRS-8621 | SORs not always showing in SOR list from planning board | It was reported that it is possible to display no SORs on Planned or Inprogress packages from the Planning Board. This behaviour was caused by an invalid pointer which can be triggered through a combination of user actions. This has now been hardened to prevent the activity causing a blank list. |
| Defect | DRS-8867 | Project auto completes if remaining packages are unspecified | It was reported that if all specified packages are set to complete, but there are additional unspecified SORs on the project, the Project would auto-complete. This behaviour has been improved so that if a Project is Specified, but it has unspecified SOR codes still allocated to it, and all other packages are completed, then the project status will remain at Started. If there are no SOR codes allocated to the project and all packages are completed, then the project status will be set to Completed. |
| Bug | DRS-9139 | Project Planner Setting 'Reference Objects for Periods' requires a DRS restart before it takes effect | A change has been made so that if this parameter is changed, it will take immediate effect and no longer require an application restart. |
| Defect | DRS-8578 | Live DRS V6 - no warning message when manually assigning Locked visits, we used to have it in V5 | Behaviour for rescheduling of Locked jobs has changed between v5 and v6, where a warning message is no longer displayed. This has been reverted, so that if the job is originally time locked and the assignment changes, DRS will check if any of the locked items have changed and display a warning message to the user. If only the assignment changes and the Job is time locked, it will display a warning to say job is currently time locked, are you sure you want to continue? If only the Worker changes and the Job is Worker locked, it will display a warning to say job is currently worker locked, are you sure you want to continue? If both change, and both locks are applied, it will display a warning to say job is currently time and worker locked, are you sure you want to continue? If the user confirms to continue, the selected changes will be enforced and the locks will be reapplied after the reschedule. |
| Bug | DRS-8907 | Password hardening: Weak and Common passwords were accepted | In regular security testing, it was found that if the rules relating to dictionary-based attacks were enforced, it was possible to bypass them with a sophisticated attack. Changes have been made to harden the security posture of the Password Security functionality to prevent this exploit going forward. |



Internal Component Versions

| Function | Version |
|---|---|
| DRS Server (Kernel) | 6.3.1.9 |
| Background Service | 6.1.21 |
| Connector Services | 6.1.21 |
| Inbound Connector | 6.1.21 |
| Mobile Gateway | 6.1.21 |
| Project Planner | 6.1.21 |
| Utility Service | 6.1.21 |
| DRS Web Services Gateway | 6.1.21 |
| Archive/Housekeeping | 6.1.21 |
| UK Geocoding Postcode Database | 07/2022 |


External Component Versions

| Description | Version |
|---|---|
| Apache | 2.4.65 |
| Java | 8.442.06.1 |
| MariaDB | 10.6.22 |
| MariaDB Java Client (JDBC) | 3.1.2 |
| php | 8.3.20 |
| Tomcat | 9.0.104 |
| Tomcat Native | 2.0.3.0 |
| .Net | 4.7 |
| SoapUI | 5.7.2 |
