CIB seven 2.0.7 EE - Release Notes

Release Notes

Release Date: January 22, 2026

Highlights

  • Updated docker image with CIB seven to resolve CVE in third party libraries

Technical Updates

Dependency Updates

  • Update Spring Boot from 3.5.7 to 3.5.9
  • Update log4j to 2.25.3
  • Update tomcat from 10.1.48 to 10.1.49
  • Update jackson from 2.15.2 to 2.19.4

Resolved CVE Vulnerabilities

  • CVE-2025-66566 - Fixed in org.lz4 and netty modules for Wildfly.
  • CVE-2025-68161 - Fixed in log4j by updating to 2.25.3.
  • CVE-2025-13151 - Fixed Stack-based buffer overflow in libtasn1 by updating to 4.21.0-r0. The vulnerable library was included transitively via the Alpine base image.

On this Page: