github DependencyTrack/dependency-track 4.12.4
on GitHub

one day ago

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone. 

# SHA1
6467242cb3ce65fb128ded6e4d40bd45bf3c74f3  dependency-track-apiserver.jar
a27297edf0da4d208c3b89d31fcd441958767e48  dependency-track-bundled.jar
# SHA256
9abd2ec5091645779d1eecbcad0ed78c4175565fe93eddce8b600113fe66f476  dependency-track-apiserver.jar
fe490211de5988fb651a8e869e36d46c33caca030b26a61172e9fc49b0d94404  dependency-track-bundled.jar
# SHA512
b7289546a53ec598430a0c2e435d9dee6c2e53ca0eedfa7232ba882c77c18bf54b92185817e05181d0081ffe35d7250c61f18f3a80109afa90e1bd4c8273a268  dependency-track-apiserver.jar
1aebd3967192d6749059ab31b30e3faed0e7fba416692d0096d82ae6e4f212e820b4432093e665cd169657e8e2dca786be808694dcf685d7475b0f6699491373  dependency-track-bundled.jar

What's Changed

Bug Fixes 🐛

  • Backport: Fix possible NPEs during tag binding by @nscuro in #4595
  • Backport: Fix false negatives in CPE matching for ANY and NA versions by @nscuro in #4612
  • Backport: Refactor VulnerabilityAnalysisTask to be more efficient by @nscuro in #4625
  • Backport: Refactor VulnerabilityManagementUploadTask to be more efficient by @nscuro in #4626
  • Backport: Fix erroneous URL-encoding of the Maven groupId by @nscuro in #4629
  • Backport: Handle invalid CVSS vectors and processing failures for OSV by @nscuro in #4638

Dependency Updates 🤖

  • Backport: Bump Temurin base image to 21.0.6_7 by @nscuro in #4628
  • Backport: Bump bundled frontend to 4.12.4 by @nscuro in #4641

Other Changes

Full Changelog: 4.12.3...4.12.4

Check out latest releases or
releases around DependencyTrack/dependency-track 4.12.4

Don't miss a new dependency-track release

NewReleases is sending notifications on new releases.

Get notifications