You are viewing the documentation for Blueriq 16. Documentation for other versions is available in our documentation directory.
Identifier |
Component |
Issue |
Solution |
---|---|---|---|
BQ-21733 |
|
CVE-2023-6378 has been detected on the logback-core dependency. |
Updated logback-core to the latest version. |
BQ-21672 |
Audit Consumer, Customer Data Service, DCM Dashboard, DCM Lists Service, Gateway, Maintenance App |
CVE-2023-34055 was detected in Spring boot Actuator version 3.1.5 and lower |
Fixed by upgrading to the latest version of Spring boot |
BQ-21671 |
|
CVE-2023-34055 has been reported on Spring Boot. Also, CVE-2023-34053 has been reported on Spring Boot 3.x, which is used by R16. |
For R15 & R16, Spring Boot has been upgraded to the latest version. For lower versions, there is no fix available since the underlying Spring Boot version is no longer supported. Upgrade to a newer Blueriq version. In the meantime, have a look at the temporary workaround described in [ https://spring.io/security/cve-2023-34055]. |
CSD-5022 |
Encore |
Validation warnings for an ERD may be shown as error in the ERD editor. |
The ERD editor now shows warnings as warnings instead of errors. |
BQ-21553 |
|
When you use the reindexing functionality on the case engine while the actuator profile is active, indexing fails. |
Reindexing requires loading the application metamodel, which conflicted with the actuators. By loading the metamodel differently, this conflict no longer exists so reindexing works normally with the actuators turned on. |
CSD-4909 |
Encore |
Global elements with the same name across multiple projects would not be reported as error in some cases, depending on the project structure. |
Duplicate globals are now reported on the list of project references of a project. |