Release Notes / Version 11.2307
Table Of ContentsFix Solr Configuration for Replication Handler
The Solr configuration files (solrconfig.xml) for CAE and Studio indices have been fixed to not configure example credentials for basic authentication for the Solr replication anymore. These settings had been introduced accidentally and caused problems when trying to override them externally.
(CMS-22550)
Updated gRPC, Netty and transitive dependencies
To prevent known CVEs, Netty and related dependencies have been updated to their latest non-breaking versions:
gRPC Spring Boot Starter 2.13.1.RELEASE (see gRPC Spring Boot Starter Releases )
gRPC-Java 1.52.1 (see gRPC-Java Releases )
Java Protocol Buffers 3.21.12 (see Java Protocol Buffers Releases )
Netty 4.1.87.Final (see Netty Project News )
Error Prone Annotations 2.17.0 (see Error Prone Releases )
AWS SDK for Java 2.17.295 (see AWS SDK for Java Changelog )
(CMS-22510)
Third-Party Update: postgresql Driver
postgresql has been updated to version 42.5.1 to avoid reported security vulnerabilities of previous versions.
(CMS-22450)
Bugfix: Robustness against Invalid Background Colors in Image Transformation
Illegal values for a background color led to exceptions and failure in image transformation. Background color can be defined in image document's setting coloring.background . A new Studio validator ColorSettingValidator ensures that errors of this kind are reported as content issues in Studio and prohibit publication of the respective documents. Furthermore, illegal values are replaced by default values in preview so that no exceptions are raised in this case.
(CMS-22440)
Updated Spring Security to 5.6.9
Updated Spring Security to version 5.6.9 to prevent potential CVEs for customers using OAuth2
(CMS-22355)