Third-Party Update : Drew Noakes Metadata Extractor

Third-party library com.drewnoakes:metadata-extractor has been updated to version 2.18.0 to avoid security vulnerabilities of the previous version.

(CMS-21627)

Third-Party Update: google-oauth-client

The third-party library com.google.oauth-client:google-oauth-client has been updated to 1.33.3 to avoid security vulnerability CVE-2021-22573.

(CMS-21579)

Info Actuator Endpoint Runs into Jackson Exception if Build Enables git-commit-id-plugin

If a build included the Git Commit ID (via enabling the git-commit-id-plugin), the actuator endpoint info ran into an exception for Studio Server and CAE. This has been fixed. The Git Commit ID will now be returned again properly.

(CMS-21404)

motd and tools-context Function Missing in management-tools Container

Due to the switch from openJDK to Amazon Corretto as a base image, there is also a switch from Debian to a CentOS base image and therefore the locations of these convenience scripts changed. This change fixes the behaviour when running with the Amazon Corretto base image.

(CMS-21360)

Fixed Bug that Required Exact User Names for Login

Fixed the bug that users from a specially customized user provider could not log in with a different identifier than the user name. For releases before 2007.1, custom user providers could return users for other login identifiers, but more recent releases prevented this. The possibility has been restored now, so that these custom user providers continue to work.

(CMS-21105)

Fixed NullPointerException in FeedableImpl

When the type of a collection set as feedable element cannot be determined, the type now correctly defaults to String.

(CMS-21065)

The License Check Now Considers IPs of all Network Interfaces

For IP based licenses all network interfaces are considered now and the check passes if there is at least one IP that can be successfully validated against the IP range configured in the license.

(CMS-20799)

Documentation on Passwords in Tools dumpusers/restoreusers

Documentation of tools dumpusers/restoreusers has been extended to give additional information on handling of passwords.

(CMS-20596)

The Garbage Collector is Now Robust Against Long Link Chains in Trash

The Garbage Collector is now robust against long link chains in trash.

(CMS-20536)

Limit Content Server Threads Checking Database Connections

Fixed the bug that the number of threads used by the Content Server for checking database connections wasn't limited. This could have led to instabilities in cases, where many calls to the database are blocked due to some problems with the database. By default, the number of such threads is now limited to twice the maximum number of database connections. The limit can be changed with configuration property sql.pool.check-connection-max-threads as described in the Deployment Manual in section "CoreMedia Properties Overview | Content Server Properties | Properties for the Connection to the Database".

(CMS-20535)

Fixed Parsing of Workflow Timer Element

Timer elements in workflow definitions with relative values but without explicitly setting the property relative are now recognized correctly as 'relative' even for values > 999.

(CMS-20175)