#28495 Fix CVE-2024-4577 by upgrading Apache Lucene

Enhancement

Major

#28426

Load any objects as initial data

#28461

Reuse of personal contacts

Detail

#28362

Changing the selection when changing models

#28421

Implementation of sequence ID functions in TLScript

#28423

Add Content Navigation Capabilities to WebFolder and Document Model

#28443

Migration processor for changing the model references of all objects in a table

#28453

Add multiline text support modifier for standard tables

#28459

Configure additional column headers InApp

#28464

Migrations: Actions after startup

#28465

Migration: Adjustment of column widths

#28469

Set the color of the set filter icon to red

#28472

Define your own option sequence InApp

Bugfix

Major

#28477

Core theme: No more scrollbars in multi-line text fields

Detail

#28348

CoreTheme: Hyperlinks in indirect filter matches look active

#28429

Vulnerability Apache Kafka CVE-2024-56128 and CVE-2024-31141

#28430

Vulnerability Spring-Core CVE-2022-22968

#28452

Scroll selection into the viewport

#28463

Problems when undocking a component from a dialog

#28480

Updating the breadcrumb when tabbar becomes invisible

#28484

JSON: Error when parsing exonential representation with '+'

#28495

Fix CVE-2024-4577 by upgrading Apache Lucene

#28498

Missing space in front of dropdowns in a toolbar

#28501

Initially closing the sidebar in the condensed theme

Bugfix

Detail

#28495

Fix CVE-2024-4577 by upgrading Apache Lucene

Lucene SecurityIssue

A security vulnerability in Apache Lucene's Replicator module has been fixed. The affected component(org.apache.lucene.replicator.http) allowed the deserialization of unreliable data, which could potentially lead to security risks.

To fix the problem, the version of Apache Lucene has been upgraded to 9.12.0. The org.apache.lucene.replicator.nrt component is not affected.

Test

Check the functionality and correctness of the search functions in the running application.