Release Date	26 Jan 2024
Content	Release 7.0.2
Download	Download Blueriq

On this page:

Bugfixes

Incident number

Summary (problem description)

Resolution

PUB-408

Components contained CVE-2023-51074 on json-path version 2.8.0
Components contained CVE-2024-22233 on spring-core version 6.0.14

Components have upgraded json-path version to 2.9.0

Components have upgraded spring-boot version to 3.1.8 which increases spring-core version to 6.0.16

Upgrade Instructions

There are no specific upgrade instructions but when you upgrade from version 6.x, please take a look at the Publisher 7.0 Upgrade Instructions

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 7 libraries.

ArtifactId	GroupId	License	Versions in 7.0.1	Versions in 7.0.2
accessors-smart	net.minidev	Apache License 2.0	2.4.11	2.5.0
byte-buddy	net.bytebuddy	Apache License 2.0	1.14.10	1.14.11
commons-compiler	org.codehaus.janino	3-clause BSD License	3.1.10	3.1.11
hibernate-core	org.hibernate.orm	LGPL 2.1	6.2.13.Final	6.2.20.Final
httpclient5	org.apache.httpcomponents.client5	Apache License 2.0	5.2.1	5.2.3
httpcore5	org.apache.httpcomponents.core5	Apache License 2.0	5.2.3	5.2.4
httpcore5-h2	org.apache.httpcomponents.core5	Apache License 2.0	5.2.3	5.2.4
janino	org.codehaus.janino	3-clause BSD License	3.1.10	3.1.11
jcl-over-slf4j	org.slf4j	Apache License 2.0	2.0.9	2.0.11
json-path	com.jayway.jsonpath	Apache License 2.0	2.8.0	2.9.0
json-smart	net.minidev	Apache License 2.0	2.4.11	2.5.0
jul-to-slf4j	org.slf4j	MIT License	2.0.9	2.0.11
log4j-over-slf4j	org.slf4j	Apache License 2.0	2.0.9	2.0.11
micrometer-commons	io.micrometer	Apache License 2.0	1.11.6	1.11.8
micrometer-observation	io.micrometer	Apache License 2.0	1.11.6	1.11.8
slf4j-api	org.slf4j	MIT License	2.0.9	2.0.11
spring-aop	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-beans	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-boot	org.springframework.boot	Apache License 2.0	3.1.6	3.1.8
spring-boot-autoconfigure	org.springframework.boot	Apache License 2.0	3.1.6	3.1.8
spring-boot-starter	org.springframework.boot	Apache License 2.0	3.1.6	3.1.8
spring-boot-starter-logging	org.springframework.boot	Apache License 2.0	3.1.6	3.1.8
spring-context	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-core	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-expression	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-jcl	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-jdbc	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-orm	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-oxm	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-security-acl	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-config	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-core	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-crypto	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-oauth2-authorization-server	org.springframework.security	Apache License 2.0	1.1.3	1.1.4
spring-security-oauth2-core	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-oauth2-jose	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-oauth2-resource-server	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-taglibs	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-security-web	org.springframework.security	Apache License 2.0	6.1.5	6.1.6
spring-tx	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-web	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-webmvc	org.springframework	Apache License 2.0	6.0.14	6.0.16
spring-ws-core	org.springframework.ws	Apache License 2.0	4.0.8	4.0.10
spring-xml	org.springframework.ws	Apache License 2.0	4.0.8	4.0.10

Publisher 7.0.2 Release Notes

Bugfixes

Upgrade Instructions

3rd Party Libraries