You are viewing the documentation for Blueriq 14. Documentation for other versions is available in our documentation directory.

2. Upgrade Instructions

There are no specific upgrade instructions for this release.

As a best practice

  • backup your repository
  • backup your database before running scripts
  • backup your spring.config.additional-location directory ([Blueriq installation directory]\Runtime)
  • backup any config files you have altered under [Blueriq installation directory]\Services

before you start the upgrade.

3. Artifacts

 The Blueriq artifacts are available under name: 14.11.12.5556

This release includes these versions of Blueriq components with a separate life cycle:

Component

Version

Customer Data Service 3.4.15
DCM Lists Service 2.0.7
Material Theme 1.0.52
Development tools frontend 1.2.2
Document Renderer 1.1.1

4. Aquima Libraries

ArtifactId

GroupId

License

Version in 14.11.11

Version in 14.11.12

commons-compiler

org.codehaus.janino

3-clause BSD License

3.1.7

3.1.8

groovy

org.codehaus.groovy

Apache License 2.0

3.0.10

3.0.13

hibernate-core

org.hibernate

LGPL 2.1

5.6.9.Final

5.6.11.Final

hibernate-entitymanager

org.hibernate

LGPL 2.1

5.6.9.Final

5.6.11.Final

hibernate-validator

org.hibernate.validator

Apache License 2.0

6.2.3.Final

6.2.5.Final

jackson-annotations

com.fasterxml.jackson.core

Apache License 2.0

2.13.3

2.13.4

jackson-core

com.fasterxml.jackson.core

Apache License 2.0

2.13.3

2.13.4

jackson-databind

com.fasterxml.jackson.core

Apache License 2.0

2.13.3

2.13.4

jackson-dataformat-xml

com.fasterxml.jackson.dataformat

Apache License 2.0

2.13.3

2.13.4

jackson-dataformat-yaml

com.fasterxml.jackson.dataformat

Apache License 2.0

2.13.3

2.13.4

jackson-datatype-jsr310

com.fasterxml.jackson.datatype

Apache License 2.0

2.13.3

2.13.4

janino

org.codehaus.janino

3-clause BSD License

3.1.7

3.1.8

metrics-core

io.dropwizard.metrics

Apache License 2.0

4.2.9

4.2.12

micrometer-core

io.micrometer

Apache License 2.0

1.8.6

1.8.10

netty-buffer

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-codec

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-codec-dns

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-codec-http

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-codec-http2

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-codec-socks

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-common

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-handler

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-handler-proxy

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-incubator-codec-classes-quic

io.netty.incubator

Apache License 2.0

0.0.26.Final

0.0.30.Final

netty-incubator-codec-native-quic

io.netty.incubator

Apache License 2.0

0.0.26.Final

0.0.30.Final

netty-resolver

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-resolver-dns

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-resolver-dns-classes-macos

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-resolver-dns-native-macos

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-transport

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-transport-classes-epoll

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-transport-native-epoll

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

netty-transport-native-unix-common

io.netty

Apache License 2.0

4.1.77.Final

4.1.82.Final

reactive-streams

org.reactivestreams

Creative Commons CC0

1.0.3

1.0.4

reactor-core

io.projectreactor

Apache License 2.0

3.4.18

3.4.23

reactor-netty

io.projectreactor.netty

Apache License 2.0

1.0.19

1.0.23

reactor-netty-core

io.projectreactor.netty

Apache License 2.0

1.0.19

1.0.23

reactor-netty-http

io.projectreactor.netty

Apache License 2.0

1.0.19

1.0.23

reactor-netty-http-brave

io.projectreactor.netty

Apache License 2.0

1.0.19

1.0.23

reactor-netty-incubator-quic

io.projectreactor.netty.incubator

Apache License 2.0

0.0.8

0.0.12

spring-amqp

org.springframework.amqp

Apache License 2.0

2.4.5

2.4.7

spring-aop

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-beans

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-boot

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-actuator

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-actuator-autoconfigure

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-autoconfigure

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-configuration-processor

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-starter

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-starter-aop

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-starter-data-mongodb

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-starter-logging

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-boot-starter-validation

org.springframework.boot

Apache License 2.0

2.6.8

2.6.12

spring-context

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-context-support

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-core

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-data-commons

org.springframework.data

Apache License 2.0

2.6.4

2.6.7

spring-data-keyvalue

org.springframework.data

Apache License 2.0

2.6.4

2.6.7

spring-data-mongodb

org.springframework.data

Apache License 2.0

3.3.4

3.3.7

spring-data-redis

org.springframework.data

Apache License 2.0

2.6.4

2.6.7

spring-expression

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-jcl

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-jdbc

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-messaging

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-orm

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-oxm

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-rabbit

org.springframework.amqp

Apache License 2.0

2.4.5

2.4.7

spring-security-config

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-security-core

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-security-crypto

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-security-ldap

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-security-oauth2-client

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-security-oauth2-core

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-security-web

org.springframework.security

Apache License 2.0

5.6.5

5.6.7

spring-tx

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-web

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-webflux

org.springframework

Apache License 2.0

5.3.20

5.3.23

spring-webmvc

org.springframework

Apache License 2.0

5.3.20

5.3.23

woodstox-core

com.fasterxml.woodstox

Apache License 2.0

6.2.7

6.3.1

5. Libraries

There are no specific Library updates for this release.

6. Retirement announcement

There are no specific retirement announcements.

For a full list of deprecated features, go to Deprecated features.

7. Bug fixes

Identifier

Component

Issue

Solution

CSD-4377 Runtime Detected CVE-2022-22980 Although we do not use any of the vulnerable code we have upgraded the version of spring-data-mongodb which does not contain the vulnerability

CSD-4344

Runtime

When reading an aggregate which contains a user-set unknown multi-valued attribute, the attribute becomes system-set. 

This issue has been resolved, stored user-set unknown attributes are still user-set unknown when reading the aggregate, regardless if it it is multi-valued or single-valued

CSD-4309


If running behind a reverse proxy server, in the development dashboard, some webservice links would not be rewritten to match the proxy server configuration, but they would display the internal URL structure.

This has been fixed.

CSD-4390 Runtime CVE-2022-42004 was discovered for jackson-databind prior to version 2.13.4. For Runtime 15.x, spring-framework has been updated to the latest version where this issue is fixed. Updated jackson-databind to 2.13.4

8. Known issues

For an overview of known issue please refer to: Known issues


  • No labels