You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.
1. Documentation
Documentation on the new features and improvements of this release is linked in the respective topics.
2. Upgrade Instructions
The upgrade instructions for this release can be found here.
As a best practice
- backup your repository
- backup your database before running scripts
- backup your
spring.config.additional-location
directory ([Blueriq installation directory]\Runtime) - backup any config files you have altered under [Blueriq installation directory]\Services
before you start the upgrade.
3. Artifacts
The Blueriq artifacts are available under name: 13.13.48.6354
This release includes these versions of Blueriq components with a separate life cycle:
Component |
Version |
---|---|
Customer Data Service | 3.4.22 |
DCM Lists Service | 1.4.18 |
Material Theme | 1.0.55 |
Development tools frontend | 1.2.3 |
4. Aquima Libraries
There are no specific Library updates for this release.
5. Libraries
In this release, the set of third party libraries that is used by Blueriq was updated. When your installation of Blueriq includes custom components (artifacts that do not ship with Blueriq, such as proprietary plugins), those components should be tested for compatibility with these changes.
6. Retirement announcement
There are no specific retirement announcements.
For a full list of deprecated features, go to Deprecated features.
7. Bug fixes
Identifier |
Component |
Issue |
Solution |
---|---|---|---|
BQ-20832 |
Runtime, Customer Data Service |
CVE-2023-33546 is reported on the Janino library which is used by older versions of the runtime & CDS |
The Janino library has been upgraded to the latest version in which the CVE was fixed. |
BQ-20797 |
Tomcat |
The Tomcat server that was bundled with the Blueriq installer was vulnerable to CVE-2023-28709. |
Tomcat has been updated to address the vulnerability. |
BQ-20782 |
Runtime |
CVE-2021-22097 was detected on Spring amqp |
Updated Spring amqp to 2.2.22.RELEASE |
BQ-20772 |
Runtime |
CVE-2023-34462 was detected on Netty |
Updated netty to 4.1.96.Final |
BQ-20771 |
Runtime |
CVE-2021-22095 was detected on Spring amqp |
Updated Spring amqp to 2.2.22.RELEASE |
BQ-20749 |
Studio |
Various CVEs (CVE-2020-1045, CVE-2022-29117, CVE-2017-11770) were reported for the Studio backend, but none were applicable to the .NET version used by Blueriq |
Suppressed the specific CVEs |
BQ-20747 |
Audit Consumer, Customer Data Service, DCM Dashboard, DCM Lists Service, Gateway, Runtime, Maintenance App |
CVE-2023-33201 detected for bouncy-castle lower than 1.73 |
Upgraded to version 1.76 |
8. Known issues
For an overview of known issue please refer to: Known issue