Versions Compared

Old Version 1

changes.mady.by.user Alexandra Aldea

Saved on

compared with

New Version 2

changes.mady.by.user Alexandra Aldea

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Release Date

 

ContentRelease 5.0.5
Download

UI Button
colorpurple
icondownload
titleDownload Blueriq
urlhttps://my.blueriq.com/display/CUS/Customers+Home



Panel

On this page:

Table of Contents
maxLevel2
stylenone

Bugfixes

Incident number
Summary (problem description)
Resolution
PUB-192Fix CVE-2016-10036False positive CVE. The CVE is not Applicable for the Artifactory-client library's Blueriq uses.
PUB-193Fix CVE-2019-12086The Jackson dependencies have been upgraded to version 2.9.9, which doesn't contain the vulnerability.
PUB-195

Fix CVEs: 

CVE-2019-10321
CVE-2019-10322
CVE-2019-10323
CVE-2019-10324

False positives, The CVE is not Applicable for the Artifactory-client library's Blueriq uses.
PUB-196

Fix CVEs :

CVE-2019-11269

CVE-2019-12814

CVE-2019-11269 - Fixed by upgrading to sprint security oauth to 2.3.6. 

CVE-2019-12814 - is a false positive , jackson databind is not used in such a way that the usage of the library is dangerous. 

Upgrade Instructions

There are no specific upgrade instructions but when you upgrade from version 4.x, please take a look at the Platform support and Installing Publisher 5 due to the upgrade to Java 11.

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 5 libraries.