Dependency-Track logov4.6

This release fixes a cross-site scripting (XSS) vulnerability in the frontend. The bundled distribution has been updated to include the fixed frontend version. There are no changes for the API server distribution.

Fixes:

Security:

For a complete list of changes, refer to the respective GitHub milestones:

dependency-track-apiserver.jar #
Algorithm Checksum
SHA-1 313b2ee9bd957f8bd2b0baba524044197501b2a9
SHA-256 7ee92f572cebe6d8d8f9e37ab6067e5849c83c56c98b38a21418557260efbfdc
dependency-track-bundled.jar #
Algorithm Checksum
SHA-1 e009cc9345ae5bdb321c651df769a6d02dfc5a67
SHA-256 0e67de28a99aec1d2e3c4592b42f04e86084129f58f3d338b572fdc5b7064899
frontend-dist.zip #
Algorithm Checksum
SHA-1 67843f34745d4983da001ca158c0fa6aba814427
SHA-256 f0cb536946117068f26845eee89975e4d7feac0b7c806bae505172e85bfadf76
Software Bill of Materials (SBOM) #