You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Release Date

 

ContentRelease 5.0.6
Download

Download Blueriq



On this page:

Bugfixes

Incident number
Summary (problem description)
Resolution
PUB-197CVE-2019-1068, A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'Warning was suppressed, as the CVE is present in database itself, please read recommendations provided by Microsoft, https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1068.
PUB-201Fix CVE-2019-14379Jackson-Databind has a CVE we have upgraded it from 2.9.9.1 to 2.9.9.3
PUB-202Fix CVE-2019-14540 & CVE-2019-16335Fixed by updating the jackson dependencies to 2.9.10.

Upgrade Instructions

There are no specific upgrade instructions but when you upgrade from version 4.x, please take a look at the Platform support and Installing Publisher 5 due to the upgrade to Java 11.

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 5 libraries.


  • No labels