github DependencyTrack/dependency-track 4.13.3

latest release: 4.13.4
one month ago

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.

# SHA1
ba7866fa7b8be30f2058606ee77539b126ab61f1  dependency-track-apiserver.jar
70ac64f18c4b219d283df0c056e74f001287159b  dependency-track-bundled.jar
# SHA256
8b6b2f29bdfd6f3e81ed2c9754a3ab2b4e27bbb9c33e52f720700d7e73558adb  dependency-track-apiserver.jar
1ae9984304854845cc5741d1dd1288e7b0a748539f448e0d0899ef635bb33c28  dependency-track-bundled.jar
# SHA512
706389f889eb177701d65e1ffefb30540f0ac9761128554f37e1edb637d73a58c981c87ca783e4b4eed982b813f4d359d590ca6ccd7132c10da83056935d2328  dependency-track-apiserver.jar
09e1ce042f64bd2ea5214fab3ebf2d2c86255b7c781490c14f2afcb517c056ef791713ba939e5de20b2b32a21949e5ac8a70ae3610432da1fa42681feceff626  dependency-track-bundled.jar

What's Changed

Bug Fixes 🐛

  • Backport: Fix OSV ubuntu advisory containing severity without type by @nscuro in #5168
  • Backport: Fix too many query parameters when retrieving vuln aliases by @nscuro in #5167
  • Backport: Add apiserver health check to Compose files by @nscuro in #5171
  • Backport: Handle dangling SPDX expression operators by @nscuro in #5173
  • Backport: Fix BOM export failing for projects of type NONE by @nscuro in #5178
  • Backport: Ensure VulnerableSoftware query is able to leverage indexes by @nscuro in #5177
  • Backport: Add whitespace sanitization in fuzzySearch CPE to fix CPE validation errors by @nscuro in #5176
  • Backport: Bulk load component relationships for BOM export by @nscuro in #5179
  • Backport: Improve Composer meta analyzer's ability to deal with minified metadata by @nscuro in #5175
  • Backport: Fix failing v4.13.1 migration for H2 deployments that pre-date v4.11.0 by @nscuro in #5180

Dependency Updates 🤖

  • Backport: bump org.apache.commons:commons-compress by @nscuro in #5169
  • Backport: Bump PostgreSQL JDBC driver to 42.7.7 by @nscuro in #5174
  • Bump Docker base images to latest digests by @nscuro in #5181
  • Backport: Bump bundled frontend to 4.13.3 by @nscuro in #5184

Other Changes

Full Changelog: 4.13.2...4.13.3
