You can download this HotFix from the TIBCO Support Portal (https://support.tibco.com). You will need to provide your TIBCO Support Portal credentials. Once logged in you can download the hotfix by selecting the “Downloads” -> “Hotfixes” option. Then go to the AvailableDownloads/BusinessWorks/6.12.0/Hotfix-01. 

Below is the complete list of defects/enhancements addressed in this hotfix(You can also find the same in the attached hotfix readme file).

================================================================================

6.12.0_HF-001 (This Release)

New Features

AMBW-53836
BusinessWorks Agent network domains that were previously not appearing are now
displayed in the BusinessWorks Studio's deployment servers tab.

AMBW-52389
Previously, when a shared module's version was replaced with a Maven property 
(for example, ${Version}), the dependency was not resolved from the local .m2
repository, causing the shared module to fail to load in the workspace.

With this enhancement, users can now define the shared module version as a
property in the Maven pom.xml, and the module will still be correctly retrieved
from the local repository.

Usage:
<properties>
<Version>1.0.0</Version>
</properties>
<dependency>
<groupId>com.tibco.bw</groupId>
<artifactId>TestSM1</artifactId>
<version>${Version}</version>
</dependency>

AMBW-51144
Support for OAuth client authentication with "Send client credentials in body"

Support is now added to generate OAuth token in BusinessWorks using client
authentication with "Send client credentials in body". A new field "Client 
Authentication" is added in the OAuth shared resource. It has 2 options in the
dropdown, Send as Basic Auth header and Send client credentials in body.
By default Send as Basic Auth header is selected.

BWCE-10456
This release adds support for security context to Monitoring Container to restrict
access to file system for a specific user.

BWCE-10205
Introduced the properties com.tibco.bw.includeAllStarters, com.tibco.bw.includeStarters,
and com.tibco.bw.excludeStarters to control component autostart behavior at BWCE runtime.

Note: Use the bwce.component.auto.start.override=true property along with the above
properties.

BWCE-10121
A new dialog "Update Bindings" has now been added that can be used for individual
process files to map the invoke activities to desired reference/service bindings.

BWCE-10101
Support for overriding content-type header of multipart Form parameters in REST
Service/Reference

A new field, content-type, is now generated in the form parameter schema for multipart
form parameters of type File/Text and File/Binary when creating a REST Service or
Reference Binding. To override the content-type header at runtime, you can specify
a value for the content-type field in the input tab of the invoke activity.

Note: To apply these changes at design time, you must create a new REST Service or
Reference Binding.

BWCE-9920
This release adds support for database cleaning functionality for either Process
Monitoring tables or all database tables in BWCE-Mon.

EXEC_DB_CLEANUP When provided, it cleans up the following tables: statregistry,
process, and noderegistry.

EXEC_FULL_DB_CLEANUP When provided, it cleans up all database.

BWCE-9919
This release adds support for Schema Level Isolation in Postgres Database,
enabling  distribution of application data across multiple schemas within a
single database.

BWCE-9897
If a process uses a shared module property that has been removed in the new 
import, an EMF validation error will appear under the Problems tab.

BWCE-9885
A new button called Find Reference has been added under Application Properties page.
This button will list all the processes that are using the selected module property.

This will work for Shared Module properties being used in Application Module.

BWCE-9833
A new checkbox Use Decimal Type has been added to the Advanced tab of the JDBC Call
Procedure activity to default Oracle NUMBER types to Decimal when browsing or
refreshing procedures.

BWCE-9780
BWCE supports Workload Identity authentication with Azure Key Vault.

BWCE-9641
We have implemented an enhancement to introduce OAuth 2.0 within the JNDI shared 
resource for lookups. This change allows specific client credentials to be provided
exclusively for JNDI lookups, while the credentials within the JMS shared resource
will continue to be used solely for establishing the JMS connection.

BWCE-9527
Added new BusinessWorks design utility to display all module properties present in the
specified project module.

BWCE-5486
Added a new button to BWCE Mon to remove the selected applications from the dashboard.

Changes In Functionality 

AMBW-54725
Starting from BusinessWorks 6.12.0 HF001, the license system property will be 
java.property.TIB_ACTIVATION (backward compatibility will be maintained for the older
property). If users want to use an operating system environment variable, the license
property name will be TIB_ACTIVATION.

AMBW-54321
Skipping the application version number while applying validation properties was not 
working correctly. This issue has been fixed now, skipping the application version from 
the system property now works for both input validation and output validation.

AMBW-53163
Deployment target selection does not persist across workspaces; a new workspace 
opens with the default deployment target. 

AMBW-52164
The compare editor in the diff view can display differences for the input tab of a
mapper activity and can copy those differences when comparing a local working copy
with an older revision.

BWCE-10532
Added Overwrite Existing File option in FTP Get activity in container deployment mode.

BWCE-10097
BWCE now displays console logs when the base image is customized by excluding JAR files.

BWCE-9645
Instead of separate commands for create, update and delete, the package operations
are merged under Package command which provides options to create, delete and
update packages.

CVEs
 
AMBW-54485
High priority CVE-2025-41249 due to spring-core-6.1.20.jar addressed.

AMBW-54484
High priority CVE-2023-6378 due to logback-classic-1.2.3.jar addressed.

AMBW-53871
CVE spring-core-6.1.20.jar addressed.

BWCE-10272
Vulnerability in CVE Scan for Apache Commons JXPath commons-jxpath-1.4.0.jar.

BWCE-10270
Vulnerability in CVE Scan for Apache Commons Lang commons-lang-2.4.jar.

BWCE-10263
Updated the version of joda-time jar.

BWCE-10261
EOL Jar file remediation
tibco.home/bwce/2.10/system/shared/com.tibco.bw.tpcl.io.openapi_1.0.1200.010/lib/
commons-lang3-3.7.jar.

The commons-lang3 jar is now upgraded to 3.19.0 version.

BWCE-10232
Vulnerabilities in CVE scan for org.eclipse.jetty.http2:http2-common.

BWCE-10100
Address High CVE issues reported for commons-beanutils-1.9.4.jar.

BWCE-10075
Address Low security vulnerabilities reported for TPCL 
com.tibco.tpcl.org.apache.httpclient_4.10.200.004/httpclient-osgi-4.5.13.jar.

Known Issues 

AMBW-54701
Issue: If the target namespace tns is changed to tns1 due to a modified reference, 
then tns1 does not copy back to tns using the Copy button provided in the compare editor.

Workaround: Use copy-paste to copy the change from the right side to the left side in the
compare editor of the diff view.

AMBW-54692
The property tab of an activity is highlighted in the diff view compare editor 
when a copy action is performed and the element has a blank value.

AMBW-53831
While stopping the application when component autostart is disabled at design
time, the following error occurs: com.tibco.bx.core.faults.BxException: BX-600042:
Stop module failed for module [SM1.ComponentProcess2]. The module is already in a 
stopped state.

BWCE-10576
When unregistering an application from a Level 2 page that has multiple instances with
PI and PM enabled, unregistering a specific app instance causes either PI or PM to 
automatically turn off.

BWCE-10553
While unregistering an application from a Level 1 page, it should not display the
keyword 'undefined' along with the app name.

Closed Issues

AMBW-54272
The SOAP Invoke activity using a SOAP/JMS binding throws exceptions. 

To resolve the exception, set the property bw.binding.soap.wsdl.schema.importsofimports
to true.

AMBW-54198
The empty <header> and <faultactor> elements are not being removed during SOAP fault
execution, even when the property 'bw.binding.soap.client.reply.empty.header.override' 
is set to true.

AMBW-54176
In an application designed in BusinessWorks 6.12.0, adding a new Identity Provider shared 
resource caused a java.lang.ClassCastException at runtime.

AMBW-54147
When installing BusinessWorks with only the Runtime component and then attempting to install
the EMS driver, the build fails. 

AMBW-54021
Component Status is available on application component page when appspace is configured
in FTgroup persistence mode. 

AMBW-53915
While invoking a REST service defined with required or mandatory request header
parameters, an error was not thrown if the request headers were missing.
Now, request header validation is performed, and a 400 Bad Request error is
thrown.

AMBW-53834
When BusinessWorks Agents are configured in a network scenario, downloading AppNode data
results in an empty file.

AMBW-53833
org.glassfish.jersey.client.innate.inject.NonInjectionManager warning occurred while
executing the bwdesign utility.

AMBW-53641
A java.lang.NullPointerException was thrown while invoking a REST service with request
header parameters using a REST Reference binding created through the REST Reference Wizard.

Note: We have to create a new Reference Binding for the changes to take effect.

AMBW-53627
Send Mail activity Input credentials overriding with SMTP shared resource
credentials.

AMBW-53597
The RV Request-Reply activity was randomly encountering issues. To fix this, we updated
the way XML elements are handled for RV messages in highly loaded, multi-threaded
environments.

AMBW-53582
With version 6.12.0HF1, the EAR file generated by Maven will also include a timestamp,
similar to the one generated by BusinessWorks Studio.

AMBW-53580
Post-migration File Poller activity is using a literal value for the filename 
instead of referencing the module property.

AMBW-53553
The List Files activity was loading the entire file object into memory, which caused
an OOM error under heavy load conditions.

AMBW-53491
The nullable:true property in the REST OAS 3.0 file was not translated to the
nillable=true attribute in the generated XSD.

AMBW-53483
Timeout Error Encountered Using ojdbc8.jar Version 23.8 with Oracle Database.

AMBW-53434
Engine command "GetProcessStarterStats" displays output upon successful execution.

AMBW-53324
BusinessWorks Engine is now starting with FTL 7.0.1 and 7.1.0 without any error.

AMBW-53271
The application failed to start if the REST service was created using a Swagger 2.0
JSON file that had properties declared as empty {} and contained neither a 
type nor a $ref property.

Now, the properties that contain neither a 'type' nor '$ref' property are resolved
as anySimpleType in the XSD schema.

We need to set the system property bw.rest.convert.nested.json=true, for rendering
the response if the value provided is an object for the empty element. The value for
such an element has to be sent in string format i.e. with escape characters in the
input.

Use third party clients like Swagger UI to invoke the service if the JSON object/array
is expected for empty elements.

AMBW-53257
The user is unable to inject a local file.
AppNode Logback files are properly validated before any processing during the upload
functionality.
Only valid .xml Logback files are allowed to upload.

AMBW-53148
The Render JSON and Invoke activity fails if the input JSON file contains a nested array
with either one level or more than two levels.

AMBW-53098
Users can now filter the properties and update the values.

AMBW-52680
BusinessWorks design export command is working fine for '-t' option.

AMBW-52437
The issue causing BusinessWorks Studio to hang while creating a module property has
been fixed.

BWCE-10434
Upgrade Microsoft JDBC Driver to version 13.2.1 (JRE 11) from BusinessWorks 6.12.0 HF001.

BWCE-10393
An issue with parent POM generation has been fixed.

BWCE-10391
Applications configured with the Basic Authentication Policy failed to start with an
error 'PolicyService cannot be found' when deployed on the platform.

BWCE-10373
User can now update the Application and Shared module version in the pom.xml and
re-generate the pom.xml to update the snapshot version of Application and Shared module.

BWCE-10362
Removed JAVA_OPTS block to update appnode.tra from setup.sh.

BWCE-10278
The intermittent BusinessWorks Studio hang issue that occurred when right-clicking on the 
˜Add Test option has been fixed.

BWCE-10212
ParseData Palette in BWCE doesn't restrict processing even if the mandatory field of
schema are not passed. Use property "com.tibco.bw.palette.parse.data.throwException=true"
to get the desired exception.

BWCE-10206
Frequent workspace corruption occurs after the 2.10 upgrade when using the Maven repository.

BWCE-10204
If there is any error while running bwdesign commands via maven, the build will fail.

BWCE-10122
The activities within the application process diagram are not clearly visible due to 
vertical and horizontal alignment issue.

BWCE-10119
A stack overflow issue occurs when clicking the Fetch button in the JDBC Query activity
for a PostgreSQL database.

BWCE-10113
tib:timestamp() function not working in SOAP Service binding Request Context.

BWCE-10112
Missing otel traceparent header when using bindings with dynamic header.

BWCE-10110
Elements with xsd:float type giving scientific notation in BWCE/BW6.x.
To get the output without scientific notation, set the property to 
"-Dbw.xml.float.c14n.spec.nonconformant=true"

BWCE-10109
SOAP Service will fail if "Message" has any attribute other than "name" in
WSDL file.

BWCE-10107
SMTP Shared Resource test connection failed after upgrade from 2.9.2 to 2.10.0.

BWCE-10106
The "Send Mail" activity works correctly in versions 2.9.1 and 2.9.2, but fails 
in version 2.10.0 with the error:javax.net.ssl.SSLException:Unsupported or 
unrecognized SSL message. 

BWCE-10105
When an application is deployed in BWCE runtime, an Illegal start-complex
invocation error is thrown for HTTP Send request activity.

BWCE-10083
The BW_COMPONENT_JOB_FLOWLIMIT works fine at runtime. We can provide it as an
environment variable while running the application.

BWCE-10008
The "description" inside the "info" tag of the Swagger file was not reflecting
in the runtime Swagger JSON file when the REST application was deployed on the
platform.

BWCE-9922
Incorrect Application State Display issue in BWCE Monitoring UI has been fixed.

BWCE-9921
BWCE Monitoring throws error "socket hang up" when an application tries to connect
to Monitoring Service.

BWCE-9898
A preference option has been provided that allows developers to retain the
existing tokenized values for properties that remain unchanged when updating the 
dependency version.

To enable it: Go to Preference> BusinessWorks> Application Properties> 
Retain tokenized values.

BWCE-9896
Changes in shared resources are not reflected in the Require Capabilities
section in the MANIFEST.MF file.

BWCE-9895
Bundles in debug configurations for custom xpath function jars will be auto
selected.

BWCE-9894
Extraneous whitespace in the Gold input file, generated from the Output tab of
job data in the activity, will now be removed during generation.

BWCE-9878
Reduced delay while running the bwdesign command in a docker container by 50%.

BWCE-9721
A BusinessWorks application using Credential Mapping Policy and XML-based
authentication took 2-3 seconds to process the first request, while subsequent
requests were processed within milliseconds.

Note: This fix applies only for the Reference side.

BWCE-9524
With BusinessWorks design utility extra logs on the console can be observed 
while executing commands.

Deprecated Features

BWCE-10380
The Maven deploy goal will now only be used to push the code to the remote 
repository. It will no longer perform BusinessWorks deployment. A new goal,
BusinessWorks deploy has  been introduced specifically to deploy BusinessWorks
applications on target platforms such as TIBCO Platform and BusinessWorks Agent. 

To run this, execute:
com.tibco.plugins:bw6-maven-plugin:bwdeploy at the application level.

================================================================================

You can also download the hotfix using the below link:

https://support.tibco.com/s/hotfixes

TIBCO BusinessWorks 6.12.0 Hotfix-01 is available