Release Date	30 Dec 2024
Content	Release 8.0.3
Download	Download Blueriq

On this page:

Bugfixes

Incident number	Summary (problem description)	Resolution
PUB-446	CVE-2024-38827 was detected on spring-security-taglibs	Updated spring-security-taglibs to the latest version
	CVE-2024-12798 and CVE-2024-12801 were detected on logback 1.4.14	Mitigated by upgrading logback to 1.5.15

Upgrade Instructions

There are no specific upgrade instructions for this release.

3rd Party Libraries

Below is a list of changed third party libraries for this release. There is also a page available which lists all the third party libraries that are used in the Publisher. See for more information: Blueriq Publisher 8 libraries.

ArtifactId	GroupId	License	Version in 1	Version in 2
logback-classic	ch.qos.logback	Eclipse Public License - v 1.0	1.5.11	1.5.15
logback-core	ch.qos.logback	Eclipse Public License - v 1.0	1.5.11	1.5.15
micrometer-commons	io.micrometer	Apache License 2.0	1.13.6	1.13.8
micrometer-observation	io.micrometer	Apache License 2.0	1.13.6	1.13.8
spring-aop	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-beans	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-boot	org.springframework.boot	Apache License 2.0	3.3.5	3.3.6
spring-boot-autoconfigure	org.springframework.boot	Apache License 2.0	3.3.5	3.3.6
spring-boot-starter	org.springframework.boot	Apache License 2.0	3.3.5	3.3.6
spring-boot-starter-logging	org.springframework.boot	Apache License 2.0	3.3.5	3.3.6
spring-context	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-core	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-expression	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-jcl	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-jdbc	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-orm	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-oxm	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-security-acl	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-config	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-core	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-crypto	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-oauth2-core	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-oauth2-jose	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-oauth2-resource-server	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-taglibs	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-security-web	org.springframework.security	Apache License 2.0	6.3.4	6.3.5
spring-tx	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-web	org.springframework	Apache License 2.0	6.1.14	6.1.15
spring-webmvc	org.springframework	Apache License 2.0	6.1.14	6.1.15

Other spaces

Publisher 8.0.3 Release Notes

Bugfixes

Upgrade Instructions

3rd Party Libraries