New Service Pack 28.006 for List & Label and the Report Server

The latest service pack for List & Label 28 delivers enhanced functionality and security improvements to streamline your reporting needs. With key updates like support of images in crosstab column and row labels in XHTML export as well as support for Embarcadero RAD Studio 12 (BDE & FireDAC). For a detailed list of changes, see the ServicePack.pdf in your installation and the Service Pack download area.

New Features


  • New option LL_OPTION_SUPPRESS_REPORTPARAMETER_POPUP_WITHDEFAULTVALUE to suppress the ReportParameter dialog, even if it’s needed.


  • XHTML-Export: Images in Crosstab Headers are now supported.


  • VCL: Support for Embarcadero RAD Studio 12 (BDE & FireDAC).


  • Setting LL_OPTION_PERCENTAGEFORMAT_INCLUDES_NBSPACE (408) to “1” adds a non-breaking space between the value and percentage sign for the percentage formatter. Can be used to ensure compliance to DIN 5008 in this case.



  • Added new option LL_OPTION_EVALUATEISVOLATILE (416) to define the expression given in the designer funtion “Evaluate(…)” is not constant and will evaluate always (no caching).
  • If the user supplied any value for LL_OPTIONSTR_EXPORTS_ALLOWED_IN_PREVIEW, the xfdf format will not dynamically be added anymore unless additionally specified.
  • Function Wizard: switching the “function” list in the first page from “grouped” to “alphabetical” or back could have caused the bottom item to be partially visible (bug in TreeView control).
  • Changing content of a text paragraph in the text object may have resulted in a mismatch in between conditional formatter and the actual content. Now the formatter is preserved for each content type.

Report Server

  • The LL_OPTION_MERGE_REPORT_PARAMETERS_WITH_THE_SAME_NAME option has been set to true by default so that report parameters with the same name from different reports such as included reports, subreports, etc. are combined into one report parameter and treated the same. Thus, report parameters with the same name are no longer displayed multiple times.



  • If server-side response caching was activated for an application, the Download actions of both the Html5Viewer and Web Report Viewer could download a server-side cached result. This implies a possible data disclosure breach. We now set cache headers on the respective controller methods to prevent caching from happen.
  • Upgraded diverse packages to tackle CVE-2024-21319.
  • Upgraded Microsoft.Data.SqlClient package references to tackle CVE-2024-0056.

Web Components

 Report Server

  • Updated NuGet packages to mitigate CVE-2024-0056 and CVE-2024-21319.

Related Posts

Leave a Comment