Updated (Embedded) Tomcat to 9.0.68

Updated (Embedded) Tomcat to version 9.0.68 to prevent potential CVE-2022-42252, although we don't use the vulnerable setting rejectIllegalHeader.

(CMS-22354)

Third-Party Update: commons-text

Apache commons-text has been updated to version 1.10.0 to avoid security vulnerability CVE-2022-42889.

(CMS-22268)

Added Nullability Annotations to Validator and ValidationService

Nullability annotations are added to Validator and ValidationService. Fixed a possible NullPointerException in com.coremedia.blueprint.common.services.validation.AbstractValidator.

(CMS-22183)

Fixed Atom Feed Validation

Added missing mandatory fields id and updated to Atom feed.

By this change, the optional fields pubDate and dc:date were also added to the RSS feed.

(CMS-21318)

Bugfix: Image Map Hotzones Misplaced when "Fit Image to Crop"

Image Map hotzones could be misplaced in CAE and Headless Server rendering, if "Fit image to crop" is active on corresponding image. This change resolves the issue. Existing image map hotzones do not need to be changed.

(CMS-19436)

RSS Feed Source for CMChannel Fixed

Method CMChannelImpl#getFeedItems() would return the linked items of page placement main in the wrong type, leaving an RSS feed for a page empty. This is fixed and RSS feeds for a page can now be delivered.

(CMS-17459)