LUY 7.5.1
LUY 7.5.1
February 2024
The version LUY 7.5.1 is a service release, in which we did minor improvements and fixed bugs.
This version of LUY supports the latest MySQL 8 database and corresponding database driver. See our how-to on upgrading from MySQL 5.7 to MySQL 8: https://help.luy.app/doc/7.5/on-premise/how-to-upgrade-from-mysql-5-7-x-to-8-x
Fixed bugs
Fixed an issue where authenticated users with edit permission where able to run arbitrary JavaScript code at the inline editor.
Fixed an issue where a report’s owner did not get information when their report was overwritten.
Fixed an issue in the global search where links to elements were not shown.
Fixed an issue with the behavior after session timeout when using SAML2.
Fixed an issue with launching the proper authentication scheme when using LDAP and SSO.
Important Announcement for the upcoming release 7.6
Version 7.5.1 is our last release supporting the LUY installer.
To what extent am I as a customer affected by changes in LUY 7.6 and if I am affected, what needs to be done?
The future LUY version 7.6 will introduce some changes which will have different effects depending on the type of installation or operation:
Cloud customers won’t notice any changes, as we will automatically deploy the update during a maintenance window as usual. The update does not contain any functional features changing the use of LUY.
On-premise customers using Docker will notice some changes. The update of the Docker container needs to be executed as usual. However, there are some configuration changes in the properties that you should be aware of. Details can be found in our upcoming release notes for the version 7.6.
For on-premise customers using the installer there is an important adjustment: LUY 7.5.1 is the last version with installer support and an update via this path is no longer possible for LUY 7.6 and future versions. We recommend switching to the cloud version of LUY and support you in moving from on-premise to our cloud. Alternatively, you can install LUY locally via Docker. Here, too, we are happy to support you.
Why is the installer no longer supported?
We have decided to discontinue support for the current installer after LUY 7.5.1 and only offer Docker images from LUY 7.6 onwards. This is the result of our latest internal security assessment and the Java update to version 21 to be included in LUY 7.6. This decision also reflects the change in customer demand. We are seeing a growing trend towards the use of our cloud solutions, leading to our decision to focus resources on providing and improving these services.
With Docker, we have another solution that simplifies development as well as installation and updates for our on-premise customers. For example, the Java update with the previous installer would also require a manual Java update and corresponding configuration adjustments on the customer side. Docker enables an easier and faster installation and update as well as greater flexibility compared to the traditional installer method.
When do I have to update to LUY 7.6?
As with every update, we recommend installing this as soon as possible. However, in order to offer you more flexibility and reduce the time pressure, we published several security critical updates in our service release 7.5.1. This release is still delivered with the conventional installer. We recommend installing the upgrade to 7.5.1 as soon as possible. This provides you with more freedom to choose when to upgrade to LUY 7.6 according to your individual requirements and schedule.
What exactly does the Java / Spring Boot migration in LUY 7.6 entail? What is included, what is migrated and why?
LUY 7.6 includes an update of our current Java and Spring Boot versions. We previously used Java 11, which has reached its end of life (EoL). This means that there won’t be any updates of this version available in the future to close newly discovered security gaps. To ensure the security of our systems, it is therefore necessary to migrate to a newer Java version, specifically Java 21.
The situation is similar with our previous version of Spring Boot, Spring Boot 2.7. Spring Boot plays an important role in our system as it manages many of the libraries we use. As Spring Boot 2.7 is now also EoL, new security vulnerabilities in the libraries we use can no longer be fixed by a simple library update. An update to the newer Spring Boot 3 version is also required here.
Is there an exact timeline for the release of LUY 7.6?
We currently expect the update to be available in May 2024.
Does the update to LUY 7.6 have any effects that I need to be aware of, e.g. on the plugin API or the login behavior?
With the update to LUY 7.6, we have updated key underlying libraries to improve performance and security. It is important to note that in few cases these updates may lead to compatibility issues; for example, if a library no longer supports a certain configuration. However, we want to reassure you that our team has conducted extensive testing to minimize the risk of such issues. Should you still encounter difficulties, especially in context with the plugin API or login behavior, please do not hesitate to contact our support.
We understand that this change may pose challenges for some of our customers. Nevertheless, we are convinced that this step is necessary to improve the security, efficiency and usability of our software. Our support team is ready to assist you with the transition to Docker or the move to the LUY Cloud and answer any questions you might have in this regard.