Bugfixes

Incident number
Summary (problem description)
Resolution
PUB-286No session time-out

Session time-out is now by default equal to the Runtime configuration. Can be made specific to the Publisher via the war. 

How to configure the Blueriq Runtime session

How to configure the Blueriq Publisher session

PUB-287No user information visibleAdded the username to the logout button, so it is always clear for users that have multiple accounts on which account they are working.
PUB-294CVE-2021-22112 in spring-security-core

Upgrade springframework to 5.3.4

Upgrade springframework-ws to 3.0.10.RELEASE

Upgrade springframework-security to 5.4.5

PUB-295

BDSA-2012-0001 Base32 encoding vulnerability in apache-commons

CVE-2019-3773 (BDSA-2019-0078)

Upgrade apache-commons-codec to 1.15

Upgrade javax-sevlet-api to 4.0.1

Upgrade Instructions

There are no specific upgrade instructions but when you upgrade from version 4.x, please take a look at the Platform support and Installing Publisher 5 due to the upgrade to Java 11.

3rd Party Libraries

There is also a page available which lists all the 3rd party libraries that are used in the Publisher. See for more information: Blueriq Publisher 5 libraries.