You are viewing the documentation for Blueriq 17. Documentation for other versions is available in our documentation directory.
1. Upgrade Instructions
There are no specific upgrade instructions for this release.
As a best practice
- backup your repository
- backup your database before running scripts
- backup your
spring.config.additional-location
directory ([Blueriq installation directory]\Runtime) - backup any config files you have altered under [Blueriq installation directory]\Services
before you start the upgrade.
2. Artifacts
The Blueriq artifacts are available under name: 17.3.1.96
This release includes these versions of Blueriq components with a separate life cycle:
Component |
Version |
---|---|
Customer Data Service | 5.0.3 |
DCM Lists Service | 4.0.2 |
Material Theme | 1.3.4 |
Development tools frontend | 2.0.1 |
DCM Maintenance App | 5.0.4 |
Audit Consumer | 1.0.3 |
DCM Dashboard Service | 2.0.2 |
Gateway Service | 1.0.3 |
Document Renderer | 2.2.0 |
3. Blueriq Libraries
ArtifactId |
GroupId |
License |
Version in 17.3 |
Version in 17.3.1 |
---|---|---|---|---|
org.apache.geronimo.specs |
1.1.1 |
|||
com.sun.activation |
1.2.2 |
|||
org.ow2.asm |
9.5 |
9.7 |
||
org.apache.cxf |
4.0.4 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
org.apache.cxf |
3.5.6 |
4.0.5 |
||
com.fasterxml.woodstox |
6.6.1 |
6.6.2 |
4. Bug fixes
Identifier |
Component |
Issue |
Solution |
---|---|---|---|
BQ-23584 |
Java Runtime |
The XSS blacklist filter could fail to detect some patterns that may be considered potentially harmful. |
The XSS blacklist filtering has been improved. |
BQ-23558 |
Encore |
In DRDs in Encore, the input node did not have the correct shape. |
The shape has been corrected. |
BQ-23557 |
Java Runtime |
Three CVE's (CVE-2024-29736, CVE-2024-32007, CVE-2024-41172) have been reported on Apache CXF on versions older than 4.0.5, 3.6.4 and 3.5.9 |
Updated Apache CXF to the latest patch version. |
CSD-5375 |
Java Runtime |
Input values containing backslash-escaped zeroes would inadvertently be interpreted as null bytes in the XSS filtering layer, even if the original input value is not otherwise determed to be malicious. |
The XSS filtering has been improved to better account for null bytes that are a result of canonicalization. |
CSD-5385 |
Encore |
Start and Message event nodes in Processes have a Message event field. While this field is required in the Runtime, it was optional in Encore. This may cause errors in the Runtime while running a model. |
A validation has been added to both types of Message event fields. Encore will display a message when a Message event is not provided. |
5. Known issues
For an overview of known issue please refer to: Known issues