Jahia 8.1.7 Release Notes

January 31, 2024

What's new?

Jahia 8.1.7 is a maintenance release primarily addressing security-related issues. 

This release includes a fix related to rewrite rules that were affected by a previous change (in jahia-page-composer 1.8.0 / Jahia, to only affect the rules related to Jahia edit mode.

Library upgrades

The following librairies were updated between Jahia and Jahia

Library Version in Jahia Version in Jahia
Apache Shiro 1.12.0 1.13.0
Apache Tomcat 9.0.75 9.0.83
Jahia configuration plugin 6.7 6.8
JSON Java 20070829 20070829-jahia2

Updated modules

The following modules were updated between Jahia and Jahia

Module Version in Jahia Version in Jahia
App Shell 2.8.1 2.9.0
GraphQL Core Provider 2.19.0 2.19.1
Jahia Page Composer 1.10.0 1.11.0
jContent 2.11.0 2.13.0
Personal API Tokens 1.4.0 1.4.1
Site Settings SEO 4.2.0 4.4.0


  • Fixed an issue in JSON parsing allowing to progressively increase memory usage (see Security Patch - December, 2023)
  • Added a permission check for the export feature
  • Hide authorization header in ErrorLoggingFilter logs
  • Fixed errors when replicating a configuration accross a cluster
  • Fixed errors when using unpublish all due to duplicated content id across languages
  • Improved checks of authorized redirects
  • Upgraded Shiro from 1.12.0 to 1.13.0
  • Upgraded the Tomcat version provided by the installer from 9.0.75 to 9.0.83

Modules included in the upgrade - Changelog

App Shell (2.9.0)

  • Fixed blank page issue when accessing administration pages due to wrong site and language resolution
  • Fixed random blank page in administration pages due to the module not initializing correctly

GraphQL Core Provider (2.19.1)

  • Added a new entry point to get url of external provider nodes

Jahia Page Composer (1.11.0)

  • Fixed issue with query parameters not preserved upon redirection by adding rewrite rules

jContent (2.13.0)

  • Fixed a blank screen issue when navigating to an empty folder
  • Fixed an issue when switching views caused by the paste action that was missing the language

Also introduced in version 2.12.0:

  • Fixed an issue in the picker returning to start of the list when opening a folder

Personal API Tokens (1.4.1)

  • Extended graphql-annotations compability range
  • Upgraded Jahia configuration plugin version
  • Removed the duplicated "resolutions" entry in package.json

Site Settings SEO (4.4.0)

  • Fixed incorrect webpack configuration that could result in a crash of Jahia Administration UI when modules other than site-settings-seo
  • Fixed error in the browser's console when moving vanity URLs