Third-Party Update: Apache Ant 1.10.9

Apache Ant has been updated to version 1.10.9, which fixes security vulnerability CVE-2020-11979.

(CMS-18365)

Updated to latest Spring Framework 5.2.9, Spring Boot 2.2.10, and others

The following third party party libraries have been updated to fix CVE-2020-5421 :

(CMS-18305)

Resolve dependency on examples-thirdparty-bom

Fixed dependencies of module examples.blueprint.

(CMS-18265)

Quote parameter in management-tools entrypoint chain

In order to run the management tools with parameters containing spaces, such as content paths, all scripts part of the chain must quote their parameters on the exec call.

If for example one wants to use the serverexport tool with a path containing a space this works now also as a part of the chain.

docker run --rm coremedia/management-tools \
  tools/bin/cm serverexport -u admin -p admin \
  "/Sites/Chef Corp"

(CMS-18185)

UAPI Reconnect

In some cases the UAPI was not able to reconnect after a Content Server restart because of HTTP response caching issues. This has been fixed.

(CMS-17996)

Third-Party Update: Jetty

Jetty has been updated to version 9.4.30 to avoid a security issue of the previous version (CVE-2019-17638).

(CMS-17836)

Translation Auto-Merge Keeps Order of Link Lists

Fixed a bug in the auto-merge functionality of translation workflows, which sometimes caused a wrong order of contents when changes from a placement link list were merged to a derived content.

(CMS-17515)

Autofill in browsers now finds correct field types

Two autofill behaviours have been fixed.

(CMS-16773)

Copy mysql configuration files in Dockerfile using mysql user

To prevent access rights conflicts in some environments, the configuration files should be copied using the mysql user.

(CMS-16538)

Sort results in UAPI queries

It is possible to sort by parent folder id, place approval date and place approver in UAPI queries now.

(CMS-11314)