You are viewing the documentation for Blueriq 16. Documentation for other versions is available in our documentation directory.

1. Documentation

Documentation on the new features and improvements of this release is linked in the respective topics

2. Upgrade Instructions

See Release 16.11.7 Upgrade Instructions for the upgrade instructions for this release.

As a best practice

  • backup your repository
  • backup your database before running scripts
  • backup your spring.config.additional-location directory ([Blueriq installation directory]\Runtime)
  • backup any config files you have altered under [Blueriq installation directory]\Services

before you start the upgrade.

3. Artifacts

The Blueriq artifacts are available under name: 16.11.7.2511

This release includes these versions of Blueriq components with a separate life cycle:

Component

Version

Customer Data Service 4.5.4
DCM Lists Service 3.1.4
Material Theme 1.3.4
Development tools frontend 1.7.0
DCM Maintenance App 4.1.7
Audit Consumer 0.5.5
DCM Dashboard Service

1.1.4

Gateway Service 0.4.7
Document Renderer 2.2.0

4. Libraries

ArtifactId

GroupId

License

Version in 16.11.6

Version in 16.11.7

asm

org.ow2.asm

3-clause BSD License

9.5

9.7

cxf-core

org.apache.cxf

Apache License 2.0

3.5.8

3.5.9

cxf-rt-bindings-soap

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-bindings-xml

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-databinding-jaxb

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-frontend-jaxws

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-frontend-simple

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-transports-http

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-ws-addr

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-ws-policy

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

cxf-rt-wsdl

org.apache.cxf

Apache License 2.0

3.5.6

3.5.9

5. Retirement announcement

There are no specific retirement announcements.

For a full list of deprecated features, go to Deprecated features.

6. Bug fixes

Identifier

Component

Issue

Solution

BQ-23584

Java Runtime

The XSS blacklist filter could fail to detect some patterns that may be considered potentially harmful.

The XSS blacklist filtering has been improved.

BQ-23557

Java Runtime

Three CVE's (CVE-2024-29736, CVE-2024-32007, CVE-2024-41172) have been reported on Apache CXF on versions older than 4.0.5, 3.6.4 and 3.5.9

Updated Apache CXF to the latest patch version.

CSD-5375

Java Runtime

Input values containing backslash-escaped zeroes would inadvertently be interpreted as null bytes in the XSS filtering layer, even if the original input value is not otherwise determed to be malicious.

The XSS filtering has been improved to better account for null bytes that are a result of canonicalization.

BQ-23533

 

The Maintenance app would end up in an infinite loop when an unexpected error happens during processing of a dead letter message.

Added a RetryOperationsInterceptor that will make sure that messages will send to an error exchange when an unexpected error during processing of a dead letter message happens.

CSD-5385

Encore

Start and Message event nodes in Processes have a Message event field. While this field is required in the Runtime, it was optional in Encore. This may cause errors in the Runtime while running a model.

A validation has been added to both types of Message event fields. Encore will display a message when a Message event is not provided.

7. Known issues

For an overview of known issue please refer to: Known issues