You are viewing the documentation for Blueriq 16. Documentation for other versions is available in our documentation directory.
Identifier | Component | Issue | Solution |
---|---|---|---|
BQ-21304 | Java Runtime | Several CVEs have been reported on the runtime: CVE-2023-44487 (a problem with Netty), CVE-2023-44483 (a problem with xmlsec) and CVE-2023-4759 (a problem with JGit). | All the CVEs have been addressed. CVE-2023-44487 by upgrading Netty, CVE-2023-44483 by upgrading xmlsec and CVE-2023-4759 turned out to be a false positive, it was already fixed in the version we are shipping, but the dependency checker incorrectly links the CVE to the fixed version. This is suppressed. |
BQ-21279 | Java Runtime | CVE-2023-34050 has been reported on the spring-amqp library. | For R16/15/14, this has been fixed by upgrading Spring Boot/underlying spring-amqp libraries. For older versions, there is no upgrade path. Upgrade to a more recent version of Blueriq and in the meantime take the measures as outlined by https://spring.io/security/cve-2023-34050 |
BQ-21278 | studio | When initializing a domain schema in encore the root name is empty. Keeping it empty does not trigger a validation, but does result in a fatal runtime error. | An empty domain schema root name does not result in a runtime error anymore. |
BQ-21223 | Encore | Closing a module in Encore would incorrectly contain a message that indicates that unsaved changes would be saved, but these changes remain unsaved | The message has been removed completely, as it was no longer accurate and could cause confusion |
BQ-21220 | Encore | When you toggle a relation reference in an aggregate and that relation is located in an external library encore would report an error and the toggle wouldn't be toggled. | Toggling relation references of relations in external libraries no longer results in an error. |
BQ-21188 | Encore | Committing on a branch without branch type could report an error in certain circumstances, as commit permissions could not be verified | Branches without branch type can now be committed normally again |
BQ-21124 | case engine | When a message event value results in UNKNOWN, the value is sent as an empty list [] to the Case Engine. After this, the Case Engine tries to parse this empty list and crashes. | We have updated the Runtime and Case Engine to avoid sending empty values as an empty list, not send unknown values, throw a proper exception with descriptive message when required field is missing and allow optional fields to be empty. |
BQ-21013 | JAVA Runtime | Reloading a project in the development toolbar on an environment with the dcm-dashboard project active results into a session expired error. | This has been fixed. |
CSD-4907 | Encore | The webservice editor in Encore would not show any flows to execute for an exposed operation if the webservice is defined in a library with multiple root modules. | Webservices in libraries will now allow you to select a flow again, as well as including the flow usage as a dependency and reporting an error if the flow does not exist. This is an improvement compared to Blueriq Studio, which would fall back to a raw text input without providing validations and dependencies. |
BQ-20909 | installer | When installing Blueriq the Runtime conf folder contains a documents folder with all empty folders inside it, this is unexpected. | These folders where leftover from the old package document renderer in the Runtime, which had not been removed from the Installer. This has been fixed. |
BQ-20864 | Encore | Moving a module into a different project could loose all module elements within the module until a restart of the Studio Server. | Module elements are now properly moved along with the moved module. |
CSD-4606 | Document Renderer | Setting configuration properties that already exist inside the YML file as environment variables does not override them. YML file is prioritized over environment variables. | Environment variables are now loaded last and thus override any other configuration properties source. |