Broadleaf Commerce 6.0.17-GA
Released on January 10, 2022
Overview
This is the 17th patch release for Broadleaf Framework 6.0.x. To upgrade a 6.0.x application to the 6.0.17-GA release, it should only require updating the parent pom.xml broadleaf-boot-starter-parent
to 6.0.17-GA.
New and Noteworthy
Log4j vulnerability
There is a critical security issue with Log4j2. More info available in our Log4j blog.
Library upgrades
- Springboot -> 2.0.4.RELEASE to 2.0.9.RELEASE
- Spring -> 5.0.16.RELEASE to 5.0.20.RELEASE
- Spring security -> 5.0.17.RELEASE to 5.0.19.RELEASE
- Hibernate -> 5.2.17.Final to 5.2.18.Final
- Log4j2 -> 2.15.0 to 2.17.1
- Logback -> 1.1.11 to 1.2.10
- Commons logging -> 1.1.3 to 1.2
- Google protobuf -> 3.7.0 to 3.19.2
An at-a-glance view of the issues that were closed in this release:
Enhancements(2)
- Made change to set active start and end date to current date during "Product Duplication".
- Merged bug fixes and enhancements included in 5.2.23-GA
Total Resolved Issues: 2