Versions Compared

Old Version 1

changes.mady.by.user Roy Bissels

Saved on

compared with

New Version 2

changes.mady.by.user Roy Bissels

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Identifier

Component

Issue

Solution

BQ-21304

 


Several CVEs have been reported on the runtime: CVE-2023-44487 (a problem with Netty), CVE-2023-44483 (a problem with xmlsec) and CVE-2023-4759 (a problem with JGit).

All the CVEs have been addressed. CVE-2023-44487 by upgrading Netty, CVE-2023-44483 by upgrading xmlsec and CVE-2023-4759 turned out to be a false positive, it was already fixed in the version we are shipping, but the dependency checker incorrectly links the CVE to the fixed version. This is suppressed.

BQ-21279

 


CVE-2023-34050 has been reported on the spring-amqp library.

For R16/15/14, this has been fixed by upgrading Spring Boot/underlying spring-amqp libraries. For older versions, there is no upgrade path. Upgrade to a more recent version of Blueriq and in the meantime take the measures as outlined by

https://spring.io/security/cve-2023-34050
Image Removed
Image Added

.

BQ-21223

 


Closing a module in Encore would incorrectly contain a message that indicates that unsaved changes would be saved, but these changes remain unsaved

The message has been removed completely, as it was no longer accurate and could cause confusion

BQ-21220

Encore

When you toggle a relation reference in an aggregate and that relation is located in an external library encore would report an error and the toggle wouldn't be toggled.

Toggling relation references of relations in external libraries no longer results in an error.

BQ-21188

 


Committing on a branch without branch type could report an error in certain circumstances, as commit permissions could not be verified

Branches without branch type can now be committed normally again

CSD-4907

 


The webservice editor in Encore would not show any flows to execute for an exposed operation if the webservice is defined in a library with multiple root modules.

Webservices in libraries will now allow you to select a flow again, as well as including the flow usage as a dependency and reporting an error if the flow does not exist. This is an improvement compared to Blueriq Studio, which would fall back to a raw text input without providing validations and dependencies.

CSD-4606

Document Renderer

Setting configuration properties that already exist inside the YML file as environment variables does not override them. YML file is prioritized over environment variables.

Environment variables are now loaded last and thus override any other configuration properties source.