============================================================================= Run Date: SEP 29, 2023 Designation: JLV*3*25 Package : JLV - JOINT LEGACY VIEWER Priority: Mandatory Version : 3 SEQ #25 Status: Released Compliance Date: OCT 13, 2023 ============================================================================= Subject: JLV 3.5.2.0 Maintenance Release Category: - Informational Description: ============ ***************************** PLEASE NOTE ******************************** * * * Version 3.5.2.0 of the Joint Longitudinal Viewer (JLV) was deployed to * * VA Enterprise Cloud (VAEC) Amazon Web Services (AWS) Production "A" on * * Thursday September 28, 2023 at 11pm ET and VA Enterprise Cloud (VAEC) * * Amazon Web Services (AWS) Production DR (Backup) at 2pm ET * * * * NOTE: The release was loaded on the National JLV servers. There is * * nothing that local sites can or need to do besides communicate changes * * to users * * * ************************************************************************** JLV 3.5.2 release resolves over 30 production defects along with several critical and high findings from CodeQL, an Office of Information Security (OIS) mandated code analysis tool, to ensure JLV remains secure and performs optimally. Additionally, this release implements End User Monitoring (EUM) in AppDynamics, a monitoring tool, to collect user experience information for analysis and updates the mapping for Logical Observation Identifiers Names and Codes (LOINC), a universal identification standard, to ensure accurate data is displayed. The following SNOW, Non Functional Requirements and Infrastructure enhancements are included in this release: Issue | Summary ************************************************************************** JP-23999 | Fortify Scan 3.5.2 JP-24078 | (Prod) Timestamp wrong between CPRS and JLV Encounters widget JP-24237 | AppD EUM Implementation JP-24318 | (PROD) JLV NHIN Accounts at VistA sites are still being created (much less) JP-25025 | Keystore clean-up/documentation, S3-Keystore-Cleanup-3.5.2.0 JP-25095 | Update Dockerfiles to Java 17 and Tomcat 10 JP-25183 | (PROD) Global - Restore down button not functional after closing the window with specific condition. JP-25848 | (PROD) Data format issue in Patient Demographics JP-25902 | (PROD) EZ Select- Icon is disabled after using the long hold and clicking out of the option menu JP-25903 | (PROD) Flags Note Detail contains HTML JP-25904 | (PROD) Some critical FEHR Lab Results and Lab Panel comments are black instead of white JP-25930 | (PROD) HAIMS records with multiple linked documents will no longer display all items in the Documents and Images widget - allow the HAIMS cache to be disabled by default JP-25959 | (PROD) "Adverse Vaccine Reactions" row is missing in "Immunizations Detail Window" view for FEHR records JP-26167 | (PROD) Imaging and Rad Reports widget - display "Details" in "Date" drop down filter JP-26192 | (PROD) "Details" in "Date" drop down filter is displayed for Advance Directives JP-26195 | (PROD) "Details" in "Date" drop down filter is displayed for Surgery / Procedure Reports JP-26198 | (PROD) "Details" in "Date" drop down filter is displayed for Progress Notes widget JP-26237 | (PROD) Covid-19 flag text is not Bold in Patient Flags JP-26359 | (PROD) Documents & Images- A specific patient has blank "Outpatient Note" details from TMDS JP-26439 | (Prod) Deleting a tab does not delete the minimized expanded view of the widgets from the tab JP-26458 | (Prod) Filter highlighting not working correctly when narrowing down search JP-26494 | (Prod) Date tool - The Date Chooser date range is too short JP-26506 | (Prod) Duplicate Future appointments appears in the Appointments widget JP-26576 | (PROD) New Report Tab Formatting JP-26630 | (PROD) Add Location Column to Vitals- Certain widgets do not display Site hover hint for Location column for VistA JP-26631 | (PROD) Add Location Column to Appointments - Certain widgets do not display Site hover hint for Location column for VistA JP-26633 | (PROD) Add Location Column to Documents and Images - Certain widgets do not display Site hover hint for Location column for VistA JP-26635 | (PROD) Add Location Column to Immunizations - Certain widgets do not display Site hover hint for Location column for VistA JP-26636 | (PROD) Add Location Column to Medications Inpatient and Outpatient - Certain widgets do not display Site hover hint for Location column for VistA JP-26637 | (PROD) Add Location Column to Problem List - Certain widgets do not display Site hover hint for Location column for VistA JP-26638 | (PROD) Add Location Column to Progress Notes - Certain widgets do not display Site hover hint for Location column for VistA JP-26795 | (Prod) Patient name overlapping when font size > 17 on the sensitive record dialogue box JP-26796 | (Prod) Vitals Graph window - Added RB state change upon moving graph window JP-26813 | Updating Libraries (3.5.2.0) JP-26817 | Identify Performance Improvements (JLV 3.5.2.0) JP-26887 | (Prod) JLV is adjusting the time zone incorrectly for Appointments. This affects all CPRS/VistA Appointments. JP-26999 | (PROD) DOB format display in Report Builder Report is incorrect for Patient Demographics JP-27010 | (PROD) DoD-Only Patients have "No Data" in Documents & Images widget but complete FEHR records are present in FEHR/MHS Genesis widget JP-27013 | (PROD 508) "Move Widget" is not working in accessible theme for expanded widgets and detail/notes JP-27029 | Update LOINC table in JLV DB to support data normalization JP-27088 | (PROD) DoD ONLY patients are missing records in Imaging widget JP-27099 | Update branches 3.5.2.0 and 3.6.0.0 with changes that are associated with BG phase 1 process, config update db 2 JP-27175 | CQL499: Use of a predictable seed in a secure random number generator JP-27176 | CQL580: Use of a predictable seed in a secure random number generator JP-27196 | CQL18: Incomplete multi-character sanitization JP-27197 | CQL19: Incomplete multi-character sanitization JP-27198 | CQL20: Incomplete multi-character sanitization JP-27199 | CQL21: Incomplete multi-character sanitization JP-27200 | CQL22: Incomplete multi-character sanitization JP-27201 | CQL23: Incomplete multi-character sanitization JP-27202 | CQL24: Incomplete multi-character sanitization JP-27203 | CQL26: Incomplete string escaping or encoding JP-27204 | CQL27: Incomplete string escaping or encoding JP-27205 | CQL28: Incomplete string escaping or encoding JP-27206 | CQL29: Incomplete string escaping or encoding JP-27207 | CQL32: Incomplete string escaping or encoding JP-27208 | CQL33: Incomplete string escaping or encoding JP-27209 | CQL34: Useless regular-expression character escape JP-27210 | CQL400: Remote property injection JP-27211 | CQL1191: Insertion of sensitive information into log files JP-27212 | CQL401: Remote property injection JP-27213 | CQL402: Remote property injection JP-27215 | CQL442: Incomplete string escaping or encoding JP-27216 | CQL443: Incomplete string escaping or encoding JP-27217 | CQL466: Uncontrolled data used in path expression JP-27218 | CQL467: Uncontrolled data used in path expression JP-27219 | CQL468: Uncontrolled data used in path expression JP-27220 | CQL469: Uncontrolled data used in path expression JP-27221 | CQL498: Log Injection JP-27222 | CQL578: Use of a potentially broken or risky cryptographic algorithm JP-27223 | CQL581: `TrustManager` that accepts all certificates JP-27224 | CQL945: Log Injection JP-27225 | CQL946: Log Injection JP-27226 | CQL947: Insertion of sensitive information into log files JP-27227 | CQL948: Insertion of sensitive information into log files JP-27228 | CQL949: Insertion of sensitive information into log files JP-27229 | CQL950: Insertion of sensitive information into log files JP-27230 | CQL951: User-controlled bypass of sensitive method JP-27231 | CQL952: User-controlled bypass of sensitive method JP-27232 | CQL953: User-controlled bypass of sensitive method JP-27233 | CQL1189: Log Injection JP-27234 | CQL1190: Insertion of sensitive information into log files JP-27236 | CQL1192: User-controlled bypass of sensitive method JP-27255 | CQL946: Log Injection JP-27292 | Double encrypted VDS log path and notated all (3.5.2.0). INC28711172 - log4j vuln on test automation EC2 JP-27387 | (PROD) Add Location Column to Orders - Certain widgets do not display Site hover hint for Location column for VistA JP-27388 | (PROD) Add Location Column to Encounters - Certain widgets do not display Site hover hint for Location column for VistA The following defect requirements are included in this release: Issue | Summary ************************************************************************** JP-20405 | (Prod) Green Theme- Report Builder pane color is different than UI JP-24108 | (PROD) Consults- "Consultation Report" records should have "Consultation Report" in the title of their Consults Detail JP-24243 | (PROD) Problem's Linked Items- There are Procedure records without Note links that say Record with Details in Report Builder and the record 'fails' to build JP-24255 | (PROD) Problem List- "No Data" is displayed instead of "Loading..." while Problem's Linked Items loads is back again JP-26541 | (SQA) Patient Search: Entering date to search is disappearing out of input box for date JP-27092 | (SQA) HAIMS is missing for Imaging widget JP-27095 | (SQA) Vitals Graph- Changing Imperial/Metric/Show Labels should reset the Report Builder icon so the new graph can be added to Report Builder JP-27449 | (UAT) Appts widget - End Date Drop down list- future years don't display During DIT, the test team validated the requirements provided in the JIRA JP Project requirements collection using the test scripts and the test Cases in TestRail. Any issue encountered is recorded as a defect in the JIRA JP Project. Documentation Instructions: Sites may retrieve the documentation directly using this website: https://download.vista.domain.ext then select the SOFTWARE directory File Name Contents --------- -------- JLV_3_25_DIBR.DOCX JLV Deployment/Install/Backout/Rollback Guide The JLV user guide, resources and training materials are also posted and updated on the JLV website: https://dvagov.sharepoint.com/sites/VACOVE2/JLV Routine Information: ==================== No routines included. ============================================================================= User Information: Entered By : Date Entered : SEP 27, 2023 Completed By: Date Completed: SEP 29, 2023 Released By : Date Released : SEP 29, 2023 ============================================================================= Packman Mail Message: ===================== No routines included