Skip to main content

JobScheduler, JOC Cockpit & YADE Version 1.13.19 released

Submitted by ap on Tue, 07/11/2023 - 19:11
News Date and Time
Jul 11 2023 21:00

We are pleased to announce the 1.13.19 release of the JobScheduler, JOC Cockpit and YADE

This Long Term Support maintenance release brings bug-fixes and vulnerability fixes to the JOC Cockpit and YADE.

Bug-Fixes

  • YADE-603: HTTP provider - OutOfMemoryError while downloading file
  • YADE-602: SSHJ provider - http proxy without authentication

Vulnerability Fixes

  • SET-226: Update security header for Content-Security-Policy (vulnerability CVE-2023-37272)
    • The vulnerability is considered severe.
    • Users find a patch instructions that can be applied for releases 1.13.11 to 1.13.18.
  • JITL-714: JS1 and JS7 KeePass CredentialStore Interface should not use vulnerable 3rd-party library simple-xml (CVE-2017-1000190, CVE-2017-14868)
  • JOC-1532: Update jackson-databind to 2.14.2 due to 3rd-party vulnerability issue CVE-2022-42003

 

See the Release Notes for a detailed list of the features and bug-fixes.

Important

Please also take note of our Change Management information.

Download the JobScheduler and JOC Cockpit:

Download YADE: