4.11.4

版本发布时间: 2024-06-24 17:37:06

DependencyTrack/dependency-track最新发布版本:4.11.7(2024-08-14 20:36:35)

For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone.

# SHA1
19531d4f02cccf26478b3a63feba355da8726b3f  dependency-track-apiserver.jar
3c4bb658783157ae9c408b8323e25e55c9ab25fd  dependency-track-bundled.jar
# SHA256
9a09259ba4c19d02b81a39fb5894df758f19ff1bb43538d4b999b4a5789a9d9b  dependency-track-apiserver.jar
73fc867d347da8a8af14f8c6812e13b870037a28d7de83e2837db9c27d840100  dependency-track-bundled.jar
# SHA512
a357be2617e9da6d4eaf19120316927ccddbc1290b9f0179287619864ffe2f6a349c9cab729853469425e273662e64cb49a4ede5498da937817b3cda01997af9  dependency-track-apiserver.jar
13fbf6477f2820b0926ad082063332e9f34de622e64b11cfe0fa4574ba5d2d9f41c06c791740ddb69a34fc71e21b6456f20c36018eb2b52e0664fdc47a41645f  dependency-track-bundled.jar

What's Changed

Enhancements 🚀

Backport: Support ingestion of CycloneDX v1.6 BOMs by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3863

Bug Fixes 🐛

Backport: Fix inverted "show inactive" filter in vulnerability audit view by @nscuro (original change by @2000rosser) in https://github.com/DependencyTrack/dependency-track/pull/3864
Backport: Fix BOM validation failing when URL contains encoded [ and ] characters by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3866
Backport: Fix external references not being updated via POST /v1/component by @nscuro (original change by @sahibamittal) in https://github.com/DependencyTrack/dependency-track/pull/3867
Backport: Prevent XXE injection during CycloneDX validation and parsing by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3871

Dependency Updates 🤖

Backport: Bump bundled frontend to 4.11.4 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3875

Other Changes

Add changelog for v4.11.4 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3868

Full Changelog: https://github.com/DependencyTrack/dependency-track/compare/4.11.3...4.11.4

相关地址：原始地址下载(tar) 下载(zip)

1、 bom.json 505.13KB

2、 checksums.txt 681B

3、 dependency-track-apiserver.jar 66.33MB

4、 dependency-track-bundled.jar 68.79MB

查看：2024-06-24发行的版本