You are viewing the documentation for Blueriq 14. Documentation for other versions is available in our documentation directory.
1. Bug fixes
|
Identifier |
Component |
Issue |
Solution |
|---|---|---|---|
|
BQ-14595 |
JAVA Runtime |
CVE-2021-3860 is reported for Jenkins plugin. Blueriq is only using the client API which is not related to Jenkins |
Suppress because it is a false positive |
|
BQ-14576 |
|
CVE-2021-44832 is reported on the log4j-core library. Blueriq does not use this library. The CVE is incorrectly matched to the log4j-api library that uses the same versioning scheme. This library is used by Blueriq, but it is not vulnerable. |
To avoid confusion, we upgraded the log4j libraries that Blueriq does use to the latest version. |
|
BQ-14520 |
|
Logback contains a CVE which is hard to exploit but has a possible high impact (CVE-2021-42550) |
Logback has been upgraded to a new version which no longer contains this vulnarability |
|
CSD-3966, CSD-3403, CSD-2690 |
JAVA Runtime |
When using the AQ_RestServiceClient the response message is not interpreted when the response content type is application/problem+json |
application/problem+json is a default content type for REST response which are errors. Therefore we have added application/problem+json and application/problem+xml as accepted default content types. |
2. Upgrade Instructions
There are no specific upgrade instructions for this release.
As a best practice
- backup your repository
- backup your database before running scripts
- backup your
spring.config.additional-locationdirectory ([Blueriq installation directory]\Runtime) - backup any config files you have altered under [Blueriq installation directory]\Services
before you start the upgrade.
3. Artifacts
The Blueriq artifacts are available under name: 14.7.1.4317
This release includes these versions of Blueriq components with a separate life cycle:
|
Component |
Version |
|---|---|
| Customer Data Service | 3.4.7 |
| DCM Lists Service | 1.4.6 |
| Material Theme | 1.0.40 |
| Development tools v2 | 1.1.1 |
4. Aquima Libraries
There are no changes to the Aquima Libraries for this release.
5. Known issues
For an overview of known issue please refer to: Known issues
6. Libraries
Overview
Content Tools