Bugfixes
Incident number | Summary (problem description) | Resolution |
---|---|---|
PUB-286 | No session time-out | Session time-out is now by default equal to the Runtime configuration. Can be made specific to the Publisher via the war. |
PUB-287 | No user information visible | Added the username to the logout button, so it is always clear for users that have multiple accounts on which account they are working. |
PUB-294 | CVE-2021-22112 in spring-security-core | Upgrade springframework to 5.3.4 Upgrade springframework-ws to 3.0.10.RELEASE Upgrade springframework-security to 5.4.5 |
PUB-295 | BDSA-2012-0001 Base32 encoding vulnerability in apache-commons CVE-2019-3773 (BDSA-2019-0078) | Upgrade apache-commons-codec to 1.15 Upgrade javax-sevlet-api to 4.0.1 |
Upgrade Instructions
There are no specific upgrade instructions but when you upgrade from version 4.x, please take a look at the Platform support and Installing Publisher 5 due to the upgrade to Java 11.
3rd Party Libraries
There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 5 libraries.
Overview
Content Tools