Release Date	14 Aug 2023
Content	Release 6.1.0
Download	Download Blueriq

On this page:

Technical Improvements

Hibernate

In Publisher 6.1.0 we have updated our Hibernate implementation to remove a deprecated way of building queries to databases. This is all done make a smooth transition to migrate to a newer Hibernate major version.

Spring

In Publisher 6.1.0 we have updated the foundation of how Spring Framework is implemented into our code base making it more future proof and ready for the future.

Bugfixes

Incident number	Summary (problem description)	Resolution
PUB-386	CVE-2023-2976 is detected on the guava library	Fixed by updating guava to 32.0.1
PUB-388	CVE-2023-34036 is detected on spring-hateoas	Fixed by updating spring-hateoas to 1.5.5
PUB-392	CVE-2022-31692 is detected on spring security	Fixed by updating spring security to 5.8.5
PUB-394	CVE-2023-34034 is detected on spring security	Fixed by updating spring security to 5.8.5
PUB-395	CVE-2022-31690 is detected on spring security	Fixed by updating spring security to 5.8.5
PUB-396	CVE-2023-34035 is detected on spring security	Fixed by updating spring security to 5.8.5

Upgrade Instructions

In this version we have made some changes to the Publisher REST API, see Publisher 6.1.0 Upgrade Instructions for more information. When you upgrade from version 6.x, please take a look at the Platform support and Installing Publisher 6 due to the upgrade to Java 17.

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 6 libraries.

ArtifactId	GroupId	License	Version in 6.0.5	Version in 6.1.0
spring-security-oauth2	org.springframework.security.oauth	Apache License 2.0	2.5.2.RELEASE
jcip-annotations	com.github.stephenc.jcip	Apache License 2.0		1.0-1
nimbus-jose-jwt	com.nimbusds	Apache License 2.0		9.24.4
spring-security-oauth2-authorization-server	org.springframework.security	Apache License 2.0		0.4.3
spring-security-oauth2-core	org.springframework.security	Apache License 2.0		5.8.5
spring-security-oauth2-jose	org.springframework.security	Apache License 2.0		5.8.5
spring-security-oauth2-resource-server	org.springframework.security	Apache License 2.0		5.8.5
checker-qual	org.checkerframework	MIT License	3.12.0	3.33.0
error_prone_annotations	com.google.errorprone	Apache License 2.0	2.11.0	2.18.0
guava	com.google.guava	Apache License 2.0	31.1-jre	32.0.1-jre
j2objc-annotations	com.google.j2objc	Apache License 2.0	1.3	2.8
spring-aop	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-beans	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-context	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-core	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-expression	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-hateoas	org.springframework.hateoas	Apache License 2.0	1.5.3	1.5.5
spring-jdbc	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-orm	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-oxm	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-security-acl	org.springframework.security	Apache License 2.0	5.7.7	5.8.5
spring-security-config	org.springframework.security	Apache License 2.0	5.7.7	5.8.5
spring-security-core	org.springframework.security	Apache License 2.0	5.7.7	5.8.5
spring-security-crypto	org.springframework.security	Apache License 2.0	5.7.7	5.8.5
spring-security-taglibs	org.springframework.security	Apache License 2.0	5.7.7	5.8.5
spring-security-web	org.springframework.security	Apache License 2.0	5.7.7	5.8.5
spring-test	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-tx	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-web	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-webmvc	org.springframework	Apache License 2.0	5.3.27	5.3.29
spring-ws-core	org.springframework.ws	Apache License 2.0	3.1.5	3.1.6
spring-xml	org.springframework.ws	Apache License 2.0	3.1.5	3.1.6

Publisher 6.1.0 Release Notes