Skip to Content

Changes for page eMagiz Runtime - 5.0.4

Last modified by Erik Bakker on 2023/01/23 13:55
From version 10.1
edited by Erik Bakker
on 2022/06/16 13:31
Change comment: There is no comment for this version
To version 8.2
edited by Erik Bakker
on 2022/06/16 13:26
Change comment: Update document after refactoring.

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -eMagiz Runtime - 5.0.4
1 +eMagiz Mendix Connector - 5.1.0
Content
... ... @@ -1,12 +1,20 @@
1 -Fourth maintenance release in the eMagiz 5.0.x line. This release fixes Log4J security vulnerabilities CVE-2021-44228 and CVE-2021-45046.
1 +Small update that fixes three specific issues.
2 2  
3 3  Find out more in our [release blog]
4 4  
5 5  
6 -===== Bug Fixes =====
6 +===== Minor Changes =====
7 7  
8 -* Updated OPS4J Pax Logging version 1.10.1 to version 1.11.11. Internally this uses Apache Log4j 2, which is updated from version 2.8.2 to 2.16.0 in this release. This fixed the following two security vulnerabilities:
9 - ** https://nvd.nist.gov/vuln/detail/CVE-2021-44228 (CVSS score 10.0 - Critical)
10 - ** https://nvd.nist.gov/vuln/detail/CVE-2021-45046 (CVSS score 3.7 - Low)
8 +* Updated bundle 'com.emagiz.bundles.groovy-all' from 3.0.9.1 to 3.0.9.2
9 +* Removed bundle 'com.sun.mail.javax.mail' because it was not used anymore
10 +* Updated bundle 'com.emagiz.components.security' from 7.1.1 to 7.2.0
11 +* Updated bundle 'com.emagiz.components.http' from 7.2.1 to 7.2.2
12 +* Updated bundle 'com.emagiz.util.codec' from 6.1.0 to 6.1.1
11 11  
14 +===== Bug Fixes =====
12 12  
16 +* The OAuth 2.0 authorization interceptor in the Rest Template component contained client 'Authentication methods’ that were invalid and caused a flow not to start in build 59. Also the clockskew is now configurable so we can handle the requirements of more oauth2 authentication providers.
17 +* The Amazon S3 authentication interceptor in the Rest Template component had a threading issue where the key would be invalid on heavy usage. The threading has been changed and is now behaving correctly.
18 +* In several flow designer components you can add Groovy scripts. Since build 59 using FastStringUtils (JSON parsing) did not work.
19 +* For Gen3 runtimes we upgraded to Spring Boot 2.6.6 to bring the latest security patches.
20 +