You are viewing the documentation for Blueriq 14. Documentation for other versions is available in our documentation directory.



1. New

1.1.  Asynchronous processing of trace and timeline events

In release 14.6, we separated the timeline information from the Trace SQL Store into the Timeline SQL Store Component. In this release we make it possible to process trace and timeline information in an asynchronous way. To this end we introduced the Timeline Event Publisher Component, next to the existing Trace Event Publisher Component, which allows publishing timeline and trace events to a queue. Furthermore, we adapted the Trace SQL Store component and the Timeline SQL Store component to be able to consume these events and store them in a database.

To setup the asynchronous processing, please refer to the documentation of the respective components.





On this page:

2. Documentation

Documentation on the new features and improvements of this release is linked in the respective topics.

3. Upgrade Instructions

The upgrade instructions for this release can be found at Release 14.8 Upgrade Instructions.

As a best practice

  • backup your repository
  • backup your database before running scripts
  • backup your spring.config.additional-location directory ([Blueriq installation directory]\Runtime)
  • backup any config files you have altered under [Blueriq installation directory]\Services

before you start the upgrade.

4. Artifacts

The Blueriq artifacts are available under name: 14.8.0.4400

This release includes these versions of Blueriq components with a separate life cycle:

Component

Version

Customer Data Service 3.4.8
DCM Lists Service 1.4.6
Material Theme 1.0.40

5. Aquima Libraries

The Aquima libraries are updated, see below what has changed:

6. Libraries

In this release, the set of third party libraries that is used by Blueriq was updated. When your installation of Blueriq includes custom components (artifacts that do not ship with Blueriq, such as proprietary plugins), those components should be tested for compatibility with these changes.

ArtifactId

GroupId

License

Version in 14.7.1

Version in 14.8

netty-incubator-codec-quic

io.netty.incubator

Apache License 2.0

0.0.18.Final

(error)

netty-incubator-codec-classes-quic

io.netty.incubator

Apache License 2.0

(error)

0.0.24.Final

netty-incubator-codec-native-quic

io.netty.incubator

Apache License 2.0

(error)

0.0.24.Final

byte-buddy

net.bytebuddy

Apache License 2.0

1.10.22

1.11.12

ehcache

org.ehcache

Apache License 2.0

3.9.7

3.9.9

h2

com.h2database

Mozilla Public License Version 2.0

1.4.197

2.0.206

hibernate-core

org.hibernate

LGPL 2.1

5.4.32.Final

5.4.33

hibernate-entitymanager

org.hibernate

LGPL 2.1

5.4.32.Final

5.4.33

httpcore

org.apache.httpcomponents

Apache License 2.0

4.4.14

4.4.15

jackson-annotations

com.fasterxml.jackson.core

Apache License 2.0

2.12.5

2.12.6

jackson-core

com.fasterxml.jackson.core

Apache License 2.0

2.12.5

2.12.6

jackson-databind

com.fasterxml.jackson.core

Apache License 2.0

2.12.5

2.12.6

jackson-dataformat-xml

com.fasterxml.jackson.dataformat

Apache License 2.0

2.12.5

2.12.6

jackson-dataformat-yaml

com.fasterxml.jackson.dataformat

Apache License 2.0

2.12.5

2.12.6

jackson-datatype-jsr310

com.fasterxml.jackson.datatype

Apache License 2.0

2.12.5

2.12.6

jackson-module-jaxb-annotations

com.fasterxml.jackson.module

Apache License 2.0

2.12.5

2.12.6

metrics-core

io.dropwizard.metrics

Apache License 2.0

4.1.26

4.1.29

micrometer-core

io.micrometer

Apache License 2.0

1.7.5

1.7.7

reactor-core

io.projectreactor

Apache License 2.0

3.4.11

3.4.13

reactor-netty

io.projectreactor.netty

Apache License 2.0

1.0.12

1.0.14

reactor-netty-core

io.projectreactor.netty

Apache License 2.0

1.0.12

1.0.14

reactor-netty-http

io.projectreactor.netty

Apache License 2.0

1.0.12

1.0.14

reactor-netty-http-brave

io.projectreactor.netty

Apache License 2.0

1.0.12

1.0.14

reactor-netty-incubator-quic

io.projectreactor.netty.incubator

Apache License 2.0

0.0.1

0.0.3

spring-amqp

org.springframework.amqp

Apache License 2.0

2.3.11

2.3.13

spring-aop

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-beans

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-boot

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-actuator

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-actuator-autoconfigure

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-autoconfigure

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-configuration-processor

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-starter

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-starter-aop

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-starter-data-mongodb

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-starter-logging

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-boot-starter-validation

org.springframework.boot

Apache License 2.0

2.5.6

2.5.8

spring-context

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-context-support

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-core

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-data-commons

org.springframework.data

Apache License 2.0

2.5.6

2.5.7

spring-data-keyvalue

org.springframework.data

Apache License 2.0

2.5.6

2.5.7

spring-data-mongodb

org.springframework.data

Apache License 2.0

3.2.6

3.2.7

spring-data-redis

org.springframework.data

Apache License 2.0

2.5.6

2.5.7

spring-expression

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-hateoas

org.springframework.hateoas

Apache License 2.0

1.3.5

1.3.6

spring-jcl

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-jdbc

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-ldap-core

org.springframework.ldap

Apache License 2.0

2.3.4.RELEASE

2.3.5.RELEASE

spring-messaging

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-orm

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-oxm

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-rabbit

org.springframework.amqp

Apache License 2.0

2.3.11

2.3.13

spring-security-config

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-security-core

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-security-crypto

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-security-ldap

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-security-oauth2-client

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-security-oauth2-core

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-security-web

org.springframework.security

Apache License 2.0

5.5.3

5.5.4

spring-session-core

org.springframework.session

Apache License 2.0

2.5.3

2.5.4

spring-session-data-redis

org.springframework.session

Apache License 2.0

2.5.3

2.5.4

spring-tx

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-web

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-webflux

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-webmvc

org.springframework

Apache License 2.0

5.3.12

5.3.14

spring-ws-core

org.springframework.ws

Apache License 2.0

3.1.1

3.1.2

spring-ws-security

org.springframework.ws

Apache License 2.0

3.1.1

3.1.2

spring-xml

org.springframework.ws

Apache License 2.0

3.1.1

3.1.2

wss4j-ws-security-common

org.apache.wss4j

Apache License 2.0

2.3.3

2.4.0

wss4j-ws-security-dom

org.apache.wss4j

Apache License 2.0

2.3.3

2.4.0

xmlsec

org.apache.santuario

Apache License 2.0

2.2.3

2.3.0


No libraries have been updated between version 3.4.7 (Blueriq 14.7.1) and version 3.4.8 (Blueriq 14.8).


Version 1.4.6 is used in both the previous (Blueriq 14.7.1) and current (Blueriq 14.8) release.



7. Retirement announcement

There are no specific retirement announcements.

For a full list of deprecated features, go to Deprecated features.

8. Bug fixes

Identifier

Component

Issue

Solution

BQ-14576


CVE-2021-44832 is reported on the log4j-core library. Blueriq does not use this library. The CVE is incorrectly matched to the log4j-api library that uses the same versioning scheme. This library is used by Blueriq, but it is not vulnerable.

To avoid confusion, we upgraded the log4j libraries that Blueriq does use to the latest version.

BQ-14520


Logback contains a CVE which is hard to exploit but has a possible high impact (CVE-2021-42550)

Logback has been upgraded to a new version which no longer contains this vulnerability

9. Known issues

For an overview of known issue please refer to: Known issues.