You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.
1. Bug fixes
Identifier |
Component |
Issue |
Solution |
---|---|---|---|
BQ-14474 |
|
CVE-2021-43797 & CVE-2021-23463 are reported on the runtime |
CVE-2021-43797 concerns a Netty library which was updated to the latest version in which the CVE is resolved. CVE-2021-23463 concerns H2, which we only ship with the development-tools component. This component is meant to be used for development and not for production. H2 can also be used as a database backend, but this is strongly discouraged in production environments. So we have not updated the H2 library as production is unaffected. |
CSD-3970 |
JAVA Runtime |
When importing a profile.xml using the XmlConverter an exception is thrown when loading an already existing singleton entity instance. |
This was a regression which occurred after the resolution of CSD-3923. When importing a profile.xml into a prefilled profile the existing singletons will be used, otherwise the imported profile instance will be used. |
CSD-3912 |
|
The inability to find a qualified name when importing a WSDL would omit the qualified name, making it hard to debug the issue. |
The qualified name that could not be found is now included in the log. |
CSD-3931 |
|
Importing a branch export from a Studio version older than R13 could fail if it contains external libraries that require a migration. |
When an older branch export is imported into a newer Studio version, any external libraries are now correctly migrated as well. |
CSD-3930 |
|
When an inline field is present on a page, the generation of a document using the document plugin would fail |
Inline fields no longer cause the document generation plugin to fail |
2. Log4shell
Several critical CVEs were reported on the log4j-core
library. Blueriq is not affected by these CVEs, see https://www.blueriq.com/en/insights/measures-concerning-log4shell for our statement.
We do use log4j dependencies (log4j-api
and log4j-to-slf4j
) that are not affected, but use the same versioning scheme as the affected log4j-core
library. To avoid confusion, we upgraded these libraries to the latest version 2.17.0.
3. Upgrade Instructions
There are no specific upgrade instructions for this release.
As a best practice
- backup your repository
- backup your database before running scripts
- backup your
spring.config.additional-location
directory ([Blueriq installation directory]\Runtime) - backup any config files you have altered under [Blueriq installation directory]\Services
before you start the upgrade.
4. Artifacts
The Blueriq artifacts are available under name: 13.13.11.4253
This release includes these versions of Blueriq components with a separate life cycle:
Component |
Version |
---|---|
Customer Data Service | 3.4.5 |
DCM Lists Service | 1.4.4 |
Material Theme | 1.0.40 |
Development tools | 1.1.1 |
5. Aquima Libraries
There are no specific Library updates for this release.
6. Libraries
The third party libraries were updated in this release.
7. Known issues
For an overview of known issue please refer to: Known issues