Bugfixes

Incident number
Summary (problem description)
Resolution
PUB-408

Components contained CVE-2023-51074 on json-path version 2.8.0
Components contained CVE-2024-22233 on spring-core version 6.0.14

Components have upgraded json-path version to 2.9.0

Components have upgraded spring-boot version to 3.1.8 which increases spring-core version to 6.0.16

Upgrade Instructions

There are no specific upgrade instructions but when you upgrade from version 6.x, please take a look at the Publisher 7.0 Upgrade Instructions

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 7 libraries.


ArtifactId

GroupId

License

Versions in 7.0.1

Versions in 7.0.2

accessors-smart

net.minidev

Apache License 2.0

2.4.11

2.5.0

byte-buddy

net.bytebuddy

Apache License 2.0

1.14.10

1.14.11

commons-compiler

org.codehaus.janino

3-clause BSD License

3.1.10

3.1.11

hibernate-core

org.hibernate.orm

LGPL 2.1

6.2.13.Final

6.2.20.Final

httpclient5

org.apache.httpcomponents.client5

Apache License 2.0

5.2.1

5.2.3

httpcore5

org.apache.httpcomponents.core5

Apache License 2.0

5.2.3

5.2.4

httpcore5-h2

org.apache.httpcomponents.core5

Apache License 2.0

5.2.3

5.2.4

janino

org.codehaus.janino

3-clause BSD License

3.1.10

3.1.11

jcl-over-slf4j

org.slf4j

Apache License 2.0

2.0.9

2.0.11

json-path

com.jayway.jsonpath

Apache License 2.0

2.8.0

2.9.0

json-smart

net.minidev

Apache License 2.0

2.4.11

2.5.0

jul-to-slf4j

org.slf4j

MIT License

2.0.9

2.0.11

log4j-over-slf4j

org.slf4j

Apache License 2.0

2.0.9

2.0.11

micrometer-commons

io.micrometer

Apache License 2.0

1.11.6

1.11.8

micrometer-observation

io.micrometer

Apache License 2.0

1.11.6

1.11.8

slf4j-api

org.slf4j

MIT License

2.0.9

2.0.11

spring-aop

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-beans

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-boot

org.springframework.boot

Apache License 2.0

3.1.6

3.1.8

spring-boot-autoconfigure

org.springframework.boot

Apache License 2.0

3.1.6

3.1.8

spring-boot-starter

org.springframework.boot

Apache License 2.0

3.1.6

3.1.8

spring-boot-starter-logging

org.springframework.boot

Apache License 2.0

3.1.6

3.1.8

spring-context

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-core

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-expression

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-jcl

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-jdbc

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-orm

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-oxm

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-security-acl

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-config

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-core

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-crypto

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-oauth2-authorization-server

org.springframework.security

Apache License 2.0

1.1.3

1.1.4

spring-security-oauth2-core

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-oauth2-jose

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-oauth2-resource-server

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-taglibs

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-security-web

org.springframework.security

Apache License 2.0

6.1.5

6.1.6

spring-tx

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-web

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-webmvc

org.springframework

Apache License 2.0

6.0.14

6.0.16

spring-ws-core

org.springframework.ws

Apache License 2.0

4.0.8

4.0.10

spring-xml

org.springframework.ws

Apache License 2.0

4.0.8

4.0.10