Open Source components have been updated, as listed below, to address known software vulnerabilities. Legal Notices will be updated to reflect these, and other changes, at the next scheduled regular release.
Teamwork Cloud/Magic Collaboration Studio
Library | Old version | New version | CVEs addressed |
| Eclipse EMF common | 2.30.0 | 2.31.0 | |
| Eclipse EMF ecore | 2.36.0 | 2.37.0 | |
| Eclipse EMF xmi | 2.37.0 | 2.38.0 | |
| Jetty | 9.4.54.v20240208 | 9.4.56.v20240826 | |
| Netty | 4.1.108.Final | 4.1.114.Final | CVE-2024-29025 |
| ElasticSearch | 7.17.20 | 7.17.24 | CVE-2024-23450 |
Cameo Simulation Toolkit / Magic Model Analyst
Library | Old version | New version | CVEs addressed |
| jfreechart | 1.5.3 | 1.5.5 | |
| Jetty | 9.4.54.v20240208 | 9.4.56.v20240826 | CVE-2024-6763, CVE-2024-8184 |
WebApps
Library | Old version | New version | CVEs addressed |
| commons-codec | 1.16.1 | 1.17.1 | - |
| commons-io | 2.16.0 | 2.17.0 | - |
| java-support | 8.4.0 | 8.4.2 | CVE-2024-22262 CVE-2024-22259 CVE-2024-22243 CVE-2023-6378 |
| Micrometer | 1.12.5 | 1.12.9 | - |
| OpenSAML | 4.3.0 | 4.3.2 | CVE-2024-22262 CVE-2024-22259 CVE-2024-22243 CVE-2023-44483 |
| Spring Expression Language (SpEL) | 6.1.6 | 6.1.13 | - |
| Spring Transaction | 6.1.6 | 6.1.13 | - |
| Spring Security | 6.2.4 | 6.3.3 | CVE-2024-38809 |
| RoaringBitmap | 1.0.5 | 1.0.6 | - |
| XMLBeans | 5.2.0 | 5.2.1 | - |
| XML APIs | - | 1.4.01 | - |
| Byte Buddy | 1.14.12 | 1.14.19 | |
| bcpkix-jdk18on, bcprov-jdk18on, bcutil-jdk18on | 1.77 | 1.78.1 | CVE-2024-29857 CVE-2024-30171 CVE-2024-30172 CVE-2024-34447 |
| Jakarta Activation API | 2.1.2 | 2.1.3 | |
| XML APIs | - | 1.4.01 | - |
| Apache HttpComponents Core HTTP/1.1 | 5.2.4 | 5.2.5 | |
| Jacoco Maven Plugin | 0.8.11 | 0.8.12 | |
| Spring Framework | 6.1.6 | 6.1.13 | |
| SLF4J API | 2.0.13 | 2.0.16 | |
| Angus Email | 2.0.2 | 2.0.3 | |
| Netty | 4.1.108.Final | 4.1.113.Final |
Modeling tools
Library | Old version | New version | CVEs addressed |
| jxbrowser | 7.37.2 | 7.41.2 |