You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.
1. Bug fixes
|
Identifier |
Component |
Issue |
Solution |
|---|---|---|---|
|
BQ-14474 |
|
CVE-2021-43797 & CVE-2021-23463 are reported on the runtime |
CVE-2021-43797 concerns a Netty library which was updated to the latest version in which the CVE is resolved. CVE-2021-23463 concerns H2, which we only ship with the development-tools component. This component is meant to be used for development and not for production. H2 can also be used as a database backend, but this is strongly discouraged in production environments. So we have not updated the H2 library as production is unaffected. |
|
CSD-3970 |
JAVA Runtime |
When importing a profile.xml using the XmlConverter an exception is thrown when loading an already existing singleton entity instance. |
This was a regression which occurred after the resolution of CSD-3923. When importing a profile.xml into a prefilled profile the existing singletons will be used, otherwise the imported profile instance will be used. |
|
CSD-3912 |
|
The inability to find a qualified name when importing a WSDL would omit the qualified name, making it hard to debug the issue. |
The qualified name that could not be found is now included in the log. |
|
CSD-3931 |
|
Importing a branch export from a Studio version older than R13 could fail if it contains external libraries that require a migration. |
When an older branch export is imported into a newer Studio version, any external libraries are now correctly migrated as well. |
|
CSD-3930 |
|
When an inline field is present on a page, the generation of a document using the document plugin would fail |
Inline fields no longer cause the document generation plugin to fail |
2. Log4shell
Several critical CVEs were reported on the log4j-core library. Blueriq is not affected by these CVEs, see https://www.blueriq.com/en/insights/measures-concerning-log4shell for our statement.
We do use log4j dependencies (log4j-api and log4j-to-slf4j) that are not affected, but use the same versioning scheme as the affected log4j-core library. To avoid confusion, we upgraded these libraries to the latest version 2.17.0.
3. Upgrade Instructions
There are no specific upgrade instructions for this release.
As a best practice
- backup your repository
- backup your database before running scripts
- backup your
spring.config.additional-locationdirectory ([Blueriq installation directory]\Runtime) - backup any config files you have altered under [Blueriq installation directory]\Services
before you start the upgrade.
4. Artifacts
The Blueriq artifacts are available under name: 13.13.11.4253
This release includes these versions of Blueriq components with a separate life cycle:
|
Component |
Version |
|---|---|
| Customer Data Service | 3.4.5 |
| DCM Lists Service | 1.4.4 |
| Material Theme | 1.0.40 |
| Development tools | 1.1.1 |
5. Aquima Libraries
There are no specific Library updates for this release.
6. Libraries
The third party libraries were updated in this release.
|
ArtifactId |
GroupId |
License |
13.13.10 |
13.13.11 |
|---|---|---|---|---|
|
io.netty |
|
2.0.46.Final |
||
|
io.netty |
|
4.1.72.Final |
||
|
org.apache.logging.log4j |
2.13.3 |
2.17.0 |
||
|
org.apache.logging.log4j |
2.13.3 |
2.17.0 |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
||
|
io.netty |
4.1.69.Final |
4.1.72.Final |
7. Known issues
For an overview of known issue please refer to: Known issues
Overview
Content Tools