PIP 6.4.0 Release Notes

The new release of PIP improves the stability, compatibility and security of your solution, and is recommended for all installations.

New Features

New Actions

JSON Handling

  • Update JSON – An action for manipulating JSON. Link to documentation Update JSON.
  • Validate JSON – An action for checking if strings are valid JSON. Link to documentation Validate JSON.
  • Read value from JSON – An action for reading a value from JSON. Link to documentation Read a value from a JSON.
  • Merge JSON – An action for doing simple merging of JSON. Link to documentation Merge JSON.

Script Execution

An action that performs execution of a custom script (JavaScript) on the list of session objects. Link to documentation Script Execution.

Manual Parsing REST Web Service

Gives more flexibility to the REST web service in terms of what requests it accepts and what the responses from the web service look like.

Read more about this in documentation under MANUAL PARSING.

New Audit Log Format

When enabled (disabled by default) the audit log will be logged using the CEF format. Not all actions have their own log definition. The following have their own log definitions: Policy start, policy stop, LDAP operations and HTTP operations.

This can be enabled by going to Tools ->Options -> Use new audit log format (CEF) in the configuration GUI.

Improvements

PIP-645 OAuth2 authentication for SMTP

SMTP now supports OAuth2 authentication. The SMTP Settings have a section for configuring OAuth2 authentication.

PIP-802 Add option to mask HTTP body in REST actions from logs

It was not possible to mask the HTTP body in the REST actions from the logs. All the actions have now been updated to support masking the HTTP body from the logs. More information can be found in the documentation for the REST actions.

Upgrade JRE from 17.0.4 to 17.0.15

Upgraded the JRE to a newer version.

Vulnerability mitigations

Upgrade dependencies to reduce reported vulnerabilities.
The following CVE:s have been resolved:

  • CVE-2024-21742
  • CVE-2023-40743
  • CVE-2019-0227
  • CVE-2018-8032
  • CVE-2012-5784
  • CVE-2014-3596
  • CVE-2007-2353
  • CVE-2023-33202
  • CVE-2023-33202
  • CVE-2025-8916
  • CVE-2023-33202
  • CVE-2024-34447
  • CVE-2024-29857
  • CVE-2025-8885
  • CVE-2024-30171
  • CVE-2023-33202
  • CVE-2023-33201
  • CVE-2023-33202
  • CVE-2024-25710
  • CVE-2024-26308
  • CVE-2023-24998
  • CVE-2024-47554
  • CVE-2023-2976
  • CVE-2020-8908
  • CVE-2022-41853
  • CVE-2025-52999
  • CVE-2022-42003
  • CVE-2023-35116
  • CVE-2023-36478
  • CVE-2023-44487
  • CVE-2024-22201
  • CVE-2024-9823
  • CVE-2024-6762
  • CVE-2024-8184
  • CVE-2024-6763
  • CVE-2023-26048
  • CVE-2023-26049
  • CVE-2023-40167
  • CVE-2023-41900
  • CVE-2023-36478
  • CVE-2023-44487
  • CVE-2024-22201
  • CVE-2024-9823
  • CVE-2024-6762
  • CVE-2024-8184
  • CVE-2023-26048
  • CVE-2023-26049
  • CVE-2023-40167
  • CVE-2023-41900
  • CVE-2023-36479
  • CVE-2023-36478
  • CVE-2023-44487
  • CVE-2024-22201
  • CVE-2024-9823
  • CVE-2024-6762
  • CVE-2024-8184
  • CVE-2023-26048
  • CVE-2023-26049
  • CVE-2023-40167
  • CVE-2023-41900
  • CVE-2023-36479
  • CVE-2023-5763
  • CVE-2024-9408
  • CVE-2022-2712
  • CVE-2024-8646
  • CVE-2025-31672
  • CVE-2023-39017
  • CVE-2022-34169
  • CVE-2021-41303
  • CVE-2022-32532
  • CVE-2022-40664
  • CVE-2023-34478
  • CVE-2023-22602
  • CVE-2023-46749
  • CVE-2023-46750
  • CVE-2022-34169
  • CVE-2023-44483
  • CVE-2024-20945
  • CVE-2024-47072
  • CVE-2022-40151
  • CVE-2022-40152
  • CVE-2022-41966