1. Bugfixes
| Issue | Description | Solution |
|---|---|---|
| BMA-518 | Detected CVE-2022-42003 | Fixed by upgrading jackson-databind to version 2.13.4.20221012 |
|
BQ-18217 |
CVE-2022-1471 |
Suppressed false positive |
|
BQ-18206 |
CVE-2022-45868 |
Suppressed false positive |
|
BQ-18248 |
CVE-2022-40152 |
Suppressed false positive |
|
BQ-18164 |
CVE-2022-42252 & CVE-2022-29885 |
Suppressed false positive |
|
BQ-18582 |
CVE-2022-3064 & CVE-2021-4235 |
Suppressed false positive |
| BMA-543 |
CVE-2022-45688 |
Suppressed false positive |
| CSD-4427 |
Detecting new line comments as expression |
Fixed by changing way the expressions are searched for. |
| CSD-3075 | In some cases, coverage for decision tables would be computed incorrectly. | The coverage for decision tables is now computed correctly. |
| CSD-3306 | In some cases, number of branches would be computed incorrectly. | Number of branches is now computed correctly. |
2. Upgrade instructions
When upgrading the BMA please follow the General Upgrade Instructions.
3. Artifacts
The Blueriq artifacts are available under name: 4.1.6
Overview
Content Tools