You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

Release Date

 

ContentRelease 4.1.5
DownloadPlease contact support@blueriq.com 



On this page:

Note that Publisher 5 is already available, so please try to upgrade to the newest version.


Bugfixes

Incident number

Summary (problem description)

Resolution

PUB-212Environments with sortvalue = null caused errors. If sortvalue is missing the environments are shown at the end.
PUB-202

The following CVEs on 3rd party dependencies were reported: 

  • CVE-2019-11358 : jquery-3.0.0.min.js
  • CVE-2019-10172 : jackson-mapper-asl-1.9.13.jar
  • CVE-2019-11358 : jquery.js
  • CVE-2019-16942, CVE-2019-16943, CVE-2019-17531 : jackson-databind-2.9.10.jar
  • CVE-2019-11065, CVE-2019-15052, CVE-2019-16370 : springfox-core-2.9.2.jar
  • CVE-2017-1000487 : plexus-utils-2.0.6.jar
  • Directory traversal in org.codehaus.plexus.util.Expand : plexus-utils-2.0.6.jar
  • Possible XML Injection : plexus-utils-2.0.6.jar
  • A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template : handlebars-4.0.5.js

CVEs were fixed. 

Upgrade Instructions

There are no upgrade instructions.

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 4 libraries. For a list of all known vulnerabilities please view Blueriq Publisher Vulnerabilities

  • No labels