You are viewing the documentation for Blueriq 15. Documentation for other versions is available in our documentation directory.

1. Documentation

Documentation on the new features and improvements of this release is linked in the respective topics.

2. Upgrade Instructions

For this release there are no specific upgrade instructions.

As a best practice

  • backup your repository
  • backup your database before running scripts
  • backup your spring.config.additional-location directory ([Blueriq installation directory]\Runtime)
  • backup any config files you have altered under [Blueriq installation directory]\Services

before you start the upgrade.

3. Artifacts

 The Blueriq artifacts are available under name: 15.13.20.2140

This release includes these versions of Blueriq components with a separate life cycle:

Component

Version

Customer Data Service 4.1.17
DCM Lists Service 2.4.11
Material Theme 1.1.11
Development tools frontend 1.5.6
DCM Maintenance App 2.1.31
Audit Consumer 0.1.18
DCM Dashboard Service 0.1.13
Gateway Service 0.1.20
Document Renderer 1.1.2

4. Libraries

In this release, the following libraries have been updated:

ArtifactId

GroupId

License

Version in 15.13.19

Version in 15.13.20

cxf-core

org.apache.cxf

Apache License 2.0

3.5.6

3.5.8

netty-buffer

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-codec

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-codec-dns

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-codec-http

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-codec-http2

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-codec-socks

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-common

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-handler

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-handler-proxy

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-resolver

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-resolver-dns

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-resolver-dns-classes-macos

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-resolver-dns-native-macos

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-transport

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-transport-classes-epoll

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-transport-native-epoll

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

netty-transport-native-unix-common

io.netty

Apache License 2.0

4.1.101.Final

4.1.108.Final

spring-security-config

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-core

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-crypto

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-ldap

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-oauth2-client

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-oauth2-core

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-oauth2-jose

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-oauth2-resource-server

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

spring-security-web

org.springframework.security

Apache License 2.0

5.7.11

5.7.12

xmlschema-core

org.apache.ws.xmlschema

Apache License 2.0

2.3.0

2.3.1


5. Retirement announcement

For this release there are no specific retirement announcements.

For a full list of deprecated features, go to Deprecated features.

6. Bug fixes

Identifier

Component

Issue

Solution

BQ-22693

Gateway

CVE-2024-29025 affects Blueriq Security Gateway.

Manually set Netty dependency to version 4.1.108.Final

BQ-22676

Java Runtime

CVE-2024-29025 was reported for the Netty dependency in the Runtime.

The Netty dependencies have been updated to address the CVE.

BQ-22577

Java Runtime

CVE-2024-28752 was detected on the org.apache.cxf:cxf-core-3.5.6 library

Resolved by updating the library to version 3.5.8

CSD-5176

Encore

In the AQ_Instance_Create and AQ_Instance_Update editors, unsetting an attribute/relation assignment would not clear its expression, resulting in a validation error that the expression must be empty.

The value expression of an attribute/relation assignment is now automatically cleared when clearing the assignment.

7. Known issues

For an overview of known issue please refer to: Known issues