Page History
Note |
---|
Note that Publisher 5 is already available, so please try to upgrade to the newest version. |
Bugfixes
Incident number | Summary (problem description) | Resolution |
---|---|---|
PUB-196 | Fix CVEs : CVE-2019-11269 CVE-2019-12814 | CVE-2019-11269 - Fixed by upgrading to sprint security oauth to 2.3.6. CVE-2019-12814 CVE warnings are now fixed.- is a false positive , jackson databind is not used in such a way that the usage of the library is dangerous. |
PUB-195 | Fix CVEs: | CVE warnings are now fixedFalse positives, The CVE is not Applicable for the Artifactory-client library's Blueriq uses. |
PUB-192 | Fix CVE-2016-10036CVE | warnings are now fixed False positive CVE. The CVE is not Applicable for the Artifactory-client library's Blueriq uses. |
PUB-193 | Fix CVE-2019-12086CVE warnings are now fixed | The Jackson dependencies have been upgraded to version 2.9.9, which doesn't contain the vulnerability. |
Upgrade Instructions
There are no upgrade instructions.
3rd Party Libraries
There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 4 libraries. For a list of all known vulnerabilities please view Blueriq Publisher Vulnerabilities.
Overview
Content Tools