You are viewing the documentation for Blueriq 14. Documentation for other versions is available in our documentation directory.
1. Upgrade Instructions
For this release there are not specific upgrade instructions.
As a best practice
- backup your repository
- backup your database before running scripts
- backup your
spring.config.additional-locationdirectory ([Blueriq installation directory]\Runtime) - backup any config files you have altered under [Blueriq installation directory]\Services
before you start the upgrade.
2. Artifacts
The Blueriq artifacts are available under name: 14.11.30.6353
This release includes these versions of Blueriq components with a separate life cycle:
Component | Version |
|---|---|
| Customer Data Service | 3.4.22 |
| DCM Lists Service | 2.0.11 |
| Material Theme | 1.1.3 |
| Development tools frontend | 1.3.1 |
| Document Renderer | 1.1.1 |
3. Libraries
For this release there are no specific Library updates.
In this release, the set of third party libraries that is used by Blueriq was updated. When your installation of Blueriq includes custom components (artifacts that do not ship with Blueriq, such as proprietary plugins), those components should be tested for compatibility with these changes.
ArtifactId | GroupId | License | Version in 14.11.29 | Version in 14.11.30 |
|---|---|---|---|---|
org.bouncycastle | 1.68 |
| ||
org.bouncycastle | 1.68 |
| ||
com.jcraft | 0.1.55 |
| ||
com.jcraft | 1.1.1 |
| ||
org.eclipse.jgit | 5.12.0.202106070339-r |
| ||
org.bouncycastle |
| 1.76 | ||
org.bouncycastle |
| 1.76 | ||
org.bouncycastle |
| 1.76 | ||
net.i2p.crypto |
| 0.3.0 | ||
org.eclipse.jgit |
| 5.13.1.202206130422-r | ||
org.apache.sshd |
| 2.10.0 | ||
org.apache.sshd |
| 2.10.0 | ||
org.apache.sshd |
| 2.10.0 | ||
org.apache.sshd |
| 2.10.0 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
io.zipkin.brave | 5.13.7 | 5.13.9 | ||
org.codehaus.janino | 3.1.9 | 3.1.10 | ||
org.codehaus.groovy | 3.0.13 | 3.0.17 | ||
org.hibernate | 5.6.14.Final | 5.6.15.Final | ||
org.hibernate | 5.6.14.Final | 5.6.15.Final | ||
org.apache.httpcomponents | 4.5.13 | 4.5.14 | ||
org.apache.httpcomponents | 4.4.15 | 4.4.16 | ||
com.fasterxml.jackson.core | 2.13.4 | 2.13.5 | ||
com.fasterxml.jackson.core | 2.13.4 | 2.13.5 | ||
com.fasterxml.jackson.core | 2.13.4.2 | 2.13.5 | ||
com.fasterxml.jackson.dataformat | 2.13.4 | 2.13.5 | ||
com.fasterxml.jackson.dataformat | 2.13.4 | 2.13.5 | ||
com.fasterxml.jackson.datatype | 2.13.4 | 2.13.5 | ||
org.codehaus.janino | 3.1.9 | 3.1.10 | ||
com.googlecode.javaewah | 1.1.7 | 1.1.13 | ||
org.glassfish.jaxb | 2.3.7 | 2.3.8 | ||
ch.qos.logback | 1.2.11 | 1.2.12 | ||
ch.qos.logback | 1.2.11 | 1.2.12 | ||
io.dropwizard.metrics | 4.2.13 | 4.2.18 | ||
io.micrometer | 1.8.12 | 1.8.13 | ||
io.netty.incubator | 0.0.34.Final | 0.0.40.Final | ||
io.netty.incubator | 0.0.34.Final | 0.0.40.Final | ||
org.eclipse.jgit | 5.12.0.202106070339-r | 5.13.1.202206130422-r | ||
org.eclipse.jgit | 5.12.0.202106070339-r | 5.13.1.202206130422-r | ||
io.projectreactor | 3.4.29 | 3.4.31 | ||
io.projectreactor.netty | 1.0.25 | 1.0.32 | ||
io.projectreactor.netty | 1.0.25 | 1.0.32 | ||
io.projectreactor.netty | 1.0.25 | 1.0.32 | ||
io.projectreactor.netty | 1.0.25 | 1.0.32 | ||
io.projectreactor.netty.incubator | 0.0.14 | 0.0.21 | ||
org.springframework.amqp | 2.4.8 | 2.4.12 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.boot | 2.6.14 | 2.6.15 | ||
org.springframework.cloud | 3.1.1 | 3.1.6 | ||
org.springframework.cloud | 3.1.1 | 3.1.7 | ||
org.springframework.cloud | 3.1.1 | 3.1.7 | ||
org.springframework.cloud | 3.1.1 | 3.1.6 | ||
org.springframework.cloud | 3.1.1 | 3.1.8 | ||
org.springframework.cloud | 3.1.1 | 3.1.8 | ||
org.springframework.cloud | 3.1.1 | 3.1.8 | ||
org.springframework.cloud | 3.1.1 | 3.1.8 | ||
org.springframework.cloud | 3.1.1 | 3.1.6 | ||
org.springframework.cloud | 3.1.1 | 3.1.6 | ||
org.springframework.cloud | 3.1.1 | 3.1.7 | ||
org.springframework.cloud | 3.1.1 | 3.1.8 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework.amqp | 2.4.8 | 2.4.12 | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework.security | 1.0.10.RELEASE | 1.0.12.RELEASE | ||
org.springframework.security | 5.6.9 | 5.6.12 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework | 5.3.27 | 5.3.29 | ||
org.springframework.ws | 3.1.4 | 3.1.6 | ||
org.springframework.ws | 3.1.4 | 3.1.6 | ||
org.springframework.ws | 3.1.4 | 3.1.6 | ||
org.glassfish.jaxb | 2.3.7 | 2.3.8 |
4. Retirement announcement
For this release there are no specific retirement announcements.
For a full list of deprecated features, go to Deprecated features.
5. Bug fixes
Identifier | Component | Issue | Solution |
|---|---|---|---|
BQ-20832 | Runtime, Customer Data Service | CVE-2023-33546 is reported on the Janino library which is used by older versions of the runtime & CDS | The Janino library has been upgraded to the latest version in which the CVE was fixed. |
BQ-20797 | Tomcat | The Tomcat server that was bundled with the Blueriq installer was vulnerable to CVE-2023-28709. | Tomcat has been updated to address the vulnerability. |
BQ-20768 | Runtime | CVE-20873 was detected for Spring boot | Fixed by upgrading Spring boot to the latest versions. |
BQ-20749 | Studio | Various CVEs (CVE-2020-1045, CVE-2022-29117, CVE-2017-11770) were reported for the Studio backend, but none were applicable to the .NET version used by Blueriq | Suppressed the specific CVEs |
BQ-20747 | Audit Consumer, Customer Data Service, DCM Dashboard, DCM Lists Service, Gateway, Runtime, Maintenance App | CVE-2023-33201 detected for bouncy-castle lower than 1.73 | Upgraded to version 1.76 |
CSD-4853 | Audit Consumer, Customer Data Service, DCM Lists Service, Runtime, Maintenance App | CVE-2023-34034 was detected for Spring security | Blueriq is not affected by CVE-2023-34034 since we do not use '**' matchers and certainly not with Spring WebFlux. Nevertheless we have upgrade the Spring dependencies to version that are no longer affected by this CVE. |
6. Known issues
For an overview of known issue please refer to: Known issues
Overview
Content Tools