You are viewing the documentation for Blueriq 15. Documentation for other versions is available in our documentation directory.
Identifier |
Component |
Issue |
Solution |
---|---|---|---|
BQ-21304 |
|
Several CVEs have been reported on the runtime: CVE-2023-44487 (a problem with Netty), CVE-2023-44483 (a problem with xmlsec) and CVE-2023-4759 (a problem with JGit). |
All the CVEs have been addressed. CVE-2023-44487 by upgrading Netty, CVE-2023-44483 by upgrading xmlsec and CVE-2023-4759 turned out to be a false positive, it was already fixed in the version we are shipping, but the dependency checker incorrectly links the CVE to the fixed version. This is suppressed. |
BQ-21279 |
|
CVE-2023-34050 has been reported on the spring-amqp library. |
For R16/15/14, this has been fixed by upgrading Spring Boot/underlying spring-amqp libraries. For older versions, there is no upgrade path. Upgrade to a more recent version of Blueriq and in the meantime take the measures as outlined by https://spring.io/security/cve-2023-34050. |
BQ-21223 |
|
Closing a module in Encore would incorrectly contain a message that indicates that unsaved changes would be saved, but these changes remain unsaved |
The message has been removed completely, as it was no longer accurate and could cause confusion |
BQ-21220 |
Encore |
||
BQ-21188 |
|
Committing on a branch without branch type could report an error in certain circumstances, as commit permissions could not be verified |
Branches without branch type can now be committed normally again |
CSD-4907 |
|
The webservice editor in Encore would not show any flows to execute for an exposed operation if the webservice is defined in a library with multiple root modules. |
Webservices in libraries will now allow you to select a flow again, as well as including the flow usage as a dependency and reporting an error if the flow does not exist. This is an improvement compared to Blueriq Studio, which would fall back to a raw text input without providing validations and dependencies. |
CSD-4606 |
Document Renderer |
Setting configuration properties that already exist inside the YML file as environment variables does not override them. YML file is prioritized over environment variables. |
Environment variables are now loaded last and thus override any other configuration properties source. |