Update dependency DependencyTrack/dependency-track to v4.11.4
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
DependencyTrack/dependency-track | | patch | 4.11.3 -> 4.11.4 |
DependencyTrack/dependency-track | ironbank-github | patch | 4.11.3 -> 4.11.4 |
Release Notes
DependencyTrack/dependency-track (DependencyTrack/dependency-track)
v4.11.4
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes. If additional details are required, consult the closed issues for this release milestone.
What's Changed
🚀 Enhancements
- Backport: Support ingestion of CycloneDX v1.6 BOMs by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3863
🐛 Bug Fixes
- Backport: Fix inverted "show inactive" filter in vulnerability audit view by @nscuro (original change by @2000rosser) in https://github.com/DependencyTrack/dependency-track/pull/3864
- Backport: Fix BOM validation failing when URL contains encoded `[` and `]` characters by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3866
- Backport: Fix external references not being updated via `POST /v1/component` by @nscuro (original change by @sahibamittal) in https://github.com/DependencyTrack/dependency-track/pull/3867
- Backport: Prevent XXE injection during CycloneDX validation and parsing by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3871
🤖 Dependency Updates
- Backport: Bump bundled frontend to 4.11.4 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3875
Other Changes
- Add changelog for v4.11.4 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/3868
Full Changelog: https://github.com/DependencyTrack/dependency-track/compare/4.11.3...4.11.4
This MR has been generated by Renovate Bot.