Technical Improvements
Hibernate
In Publisher 6.1.0 we have updated our Hibernate implementation to remove a deprecated way of building queries to databases. This is all done make a smooth transition to migrate to a newer Hibernate major version.
Spring
In Publisher 6.1.0 we have updated the foundation of how Spring Framework is implemented into our code base making it more future proof and ready for the future.
Bugfixes
Incident number | Summary (problem description) | Resolution |
---|---|---|
PUB-386 | CVE-2023-2976 is detected on the guava library | Fixed by updating guava to 32.0.1 |
PUB-388 | CVE-2023-34036 is detected on spring-hateoas | Fixed by updating spring-hateoas to 1.5.5 |
PUB-392 | CVE-2022-31692 is detected on spring security | Fixed by updating spring security to 5.8.5 |
PUB-394 | CVE-2023-34034 is detected on spring security | Fixed by updating spring security to 5.8.5 |
PUB-395 | CVE-2022-31690 is detected on spring security | Fixed by updating spring security to 5.8.5 |
PUB-396 | CVE-2023-34035 is detected on spring security | Fixed by updating spring security to 5.8.5 |
Upgrade Instructions
In this version we have made some changes to the Publisher REST API, see Publisher 6.1.0 Upgrade Instructions for more information. When you upgrade from version 6.x, please take a look at the Platform support and Installing Publisher 6 due to the upgrade to Java 17.
3rd Party Libraries
There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 6 libraries.