Update docker.io/dependencytrack/apiserver Docker tag to v4.13.3
No problems upgrading the backend Docker container with a Docker compose yaml file within Portainer and by means of Portainer DevOps resp. GitOps with dependency update facilitated by Mend's Renovate Bot.
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| docker.io/dependencytrack/apiserver (source, changelog) | patch | 4.13.2 -> 4.13.3 |
Release Notes
DependencyTrack/dependency-track (docker.io/dependencytrack/apiserver)
v4.13.3
For official releases, refer to Dependency Track Docs >> Changelogs for information about improvements and upgrade notes.
If additional details are required, consult the closed issues for this release milestone.
### SHA1
ba7866fa7b8be30f2058606ee77539b126ab61f1 dependency-track-apiserver.jar
70ac64f18c4b219d283df0c056e74f001287159b dependency-track-bundled.jar
### SHA256
8b6b2f29bdfd6f3e81ed2c9754a3ab2b4e27bbb9c33e52f720700d7e73558adb dependency-track-apiserver.jar
1ae9984304854845cc5741d1dd1288e7b0a748539f448e0d0899ef635bb33c28 dependency-track-bundled.jar
### SHA512
706389f889eb177701d65e1ffefb30540f0ac9761128554f37e1edb637d73a58c981c87ca783e4b4eed982b813f4d359d590ca6ccd7132c10da83056935d2328 dependency-track-apiserver.jar
09e1ce042f64bd2ea5214fab3ebf2d2c86255b7c781490c14f2afcb517c056ef791713ba939e5de20b2b32a21949e5ac8a70ae3610432da1fa42681feceff626 dependency-track-bundled.jar
What's Changed
Bug Fixes 🐛
- Backport: Fix OSV ubuntu advisory containing severity without type by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5168
- Backport: Fix too many query parameters when retrieving vuln aliases by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5167
- Backport: Add apiserver health check to Compose files by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5171
- Backport: Handle dangling SPDX expression operators by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5173
- Backport: Fix BOM export failing for projects of type NONE by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5178
- Backport: Ensure VulnerableSoftware query is able to leverage indexes by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5177
- Backport: Add whitespace sanitization in fuzzySearch CPE to fix CPE validation errors by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5176
- Backport: Bulk load component relationships for BOM export by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5179
- Backport: Improve Composer meta analyzer's ability to deal with minified metadata by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5175
- Backport: Fix failing v4.13.1 migration for H2 deployments that pre-date v4.11.0 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5180
Dependency Updates 🤖
- Backport: bump org.apache.commons:commons-compress by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5169
- Backport: Bump PostgreSQL JDBC driver to 42.7.7 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5174
- Bump Docker base images to latest digests by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5181
- Backport: Bump bundled frontend to 4.13.3 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5184
Other Changes
- Backport: Add AWS Cognito configuration example by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5172
- Add changelog for v4.13.3 by @nscuro in https://github.com/DependencyTrack/dependency-track/pull/5182
Full Changelog: https://github.com/DependencyTrack/dependency-track/compare/4.13.2...4.13.3
