Jahia 8.1.8 Release Notes
October 22, 2024
What's new?
Jahia 8.1.8 is a maintenance release primarily addressing security-related issues, that also includes various bug fixes and a couple improvements.
This version address incompatibility issues with Chrome 128+ and Firefox 130+
Apart from security and compatibility, improvements and fixes touch 4 main areas of the product:
- Imports: when a site is imported both in live and edit modes, the import is faster.
- Vanity URLs with a special effort on coherence and clarification related to status and publication / un-publication of said vanity URLs
- Sessions management : improvements to avoid Out of memory errors notably by limiting the size of Node Session Cache
- SAM (Server availability manager) : new probes were added that help customers to monitor the health of their Jahia instances, including Node Cache Load and Datastore node Health.
Updated modules and libraries in 8.1.8
Library upgrades
The following librairies were updated between Jahia 8.1.7.2 and Jahia 8.1.8.1
| Library | Version in Jahia 8.1.7.2 | Version in Jahia 8.1.8.1 |
|---|---|---|
| Apache Karaf Cellar | 4.1.3-jahia10 | 4.1.3-jahia11 |
| Apache Tomcat | 9.0.83 | 9.0.93 |
| DB Driver - MariaDB | 3.0.9 | 3.3.3 |
| DB Driver - MySQL | 8.0.33 | 8.3.0 |
| DB Driver - MSSQL | 9.4.1.jre8 | 12.6.3.jre8 |
| DB Driver - Oracle | 21.9.0.0 | 21.13.0.0 |
| DB Driver - PostgreSQL | 42.6.0 | 42.6.1 |
| Drools | 6.0.0.Final-jahia1 | 6.0.0.Final-jahia2 |
| Hazelcast | 3.12.10 | 3.12.13 |
| Jahia configuration plugin | 6.8 | 6.8.1 |
| OWASP Dependency Check | 8.2.1 | 10.0.3 |
| Pax Web JSP | 7.3.7 | 7.3.7-jahia3 |
Updated modules
The following modules were updated between Jahia 8.1.7.2 and Jahia 8.1.8.1
| Module | Version in Jahia 8.1.7.2 | Version in Jahia 8.1.8.1 |
|---|---|---|
| App Shell | 2.9.0 | 2.10.0 |
| Clustering | 8.1.0.9 | 8.1.0.11 |
| Content Editor | 3.6.0 | 3.7.0 |
| GraphQL Core Provider | 2.19.1 | 2.21.0 |
| Jahia Administration | 1.8.0 | 1.10.0 |
| Jahia Dashboard | 1.8.0 | 1.10.0 |
| Jahia Dashboard Docs | 1.2.0 | 1.3.0 |
| Jahia Page Composer | 1.11.0 | 1.12.0 |
| Jahia UI Root | 1.8.0 | 1.10.0 |
| Jahia User Entries | 1.5.0 | 1.6.0 |
| jContent | 2.13.0 | 2.17.0 |
| Personal API Tokens | 1.4.1 | 1.5.0 |
| Remote Publish | 9.7.0 | 9.10.0 |
| SDL Generator Tools | 2.3.0 | 2.4.0 |
| Security Filter Tools | 2.4.0 | 2.5.0 |
| Server Settings | 9.7.0 | 9.7.2 |
| Site Settings SEO | 4.4.0 | 4.5.0 |
| Tools | 4.4.0 | 4.6.0 |
Jahia 8.1.7.2 >> 8.1.8.1 - Changelog
Security
- Added default search limit for the search results taglib
- Improved URL pattern and checks in Spring framework (See: Security patch - April 2024)
- Upgraded drools from 6.0.0.Final-jahia1 to 6.0.0.Final-jahia2 to fix a XXE issue
Core
- Added an error message when a user triggers a permanently delete action on content that still exists in live
- Introduced a new permission filter to better control access to ajax views
- Added redirect check for protocol-relative URLs
- Introduced in the API a mechanism to create sessions without feeding JCRSessionCache (doExecuteWithLongSessions methods)
- Limit the size of the node cache in jcr session
- Improved performances of the Jahia internal caching system
- Upgraded MariaDB driver from 3.0.9 to 3.3.3
- Upgraded MySQL driver from 8.0.33 to 8.3.0
- Upgraded MSSQL driver from 9.4.1.jre8 to 12.6.3.jre8
- Upgraded PostgreSQL driver from 42.6.0 to 42.6.1
- Upgraded Oracle driver from 21.9.0.0 to 21.13.0.0
- Upgraded Tomcat from 9.0.83 to 9.0.93
- Fixed a compatibility issue between Jahia page composer and Chrome 128+ when accessing content via links
- Fixed potential Jahia JCR sessions cache of node wrappers corruption due to new limit on those caches
- Fixed issue with the "show in repository explorer" menu item not using the right link to repository explorer
- Fixed issue with duplicated parameter values in query string
- Updated the size of the workflow modal to accomodate smaller screen resolution
- Fixed an issue with the GWT UI making it unclear which content is selected and potentially resulting in incorrectly deleting nodes
- Fixed an issue with tools after deleting the tomcat temp folder
- Fixed missing translations in some editor dialogs
- Fixed an issue with .html.ajax requests not rendering properly the template:addResources
- Fixed an issue with URL parameters not kept when redirected to the Welcome servlet
- Block the unpublication of non-i18n contents when unpublishing i18n contents
Cluster
- Upgraded Hazelcast from 3.12.10 to 3.12.13
- Added a log when a configuration synchronisation problem is detected
- Improved the reliability of the configuration replication in cluster with Apache Karaf Cellar by introducing a retry mechanism and two new parameters:
config.integrityCheck.retryCountandconfig.integrityCheck.retryIntervalMSused when the integrity check is detecting a config synchronization issue.
Import/Export
- Improved cache management (JCRNodeCacheLoadAverage) when importing a site with a large number of files
- Optimized the UUIDs cleanup during import
- Fixed issue in single content import with embedded reference
Versioning
- Improved the version removal system to avoid out of memory situations
- Fixed issue with versioning not displaying the right content in the comparison view
Modules included in the upgrade - Changelog
App Shell (2.10.0)
- Fixed a loading issue when using Firefox 130 on Windows
Content Editor (3.7.0)
- Removed usage of introspection query SCHEMA_FIELDS_QUERY
GraphQL Core Provider (2.21.0)
- Removed usage of introspection query SCHEMA_FIELDS_QUERY
- Fixed an issue with non-translated nodes not listed in the usages tab
Jahia Administration (1.10.0)
- Improved HTML titles in Jahia UIs
- Removed usage of introspection query SCHEMA_FIELDS_QUERY
Jahia Dashboard (1.10.0)
- Improved HTML titles in Jahia UIs
- Removed usage of introspection query SCHEMA_FIELDS_QUERY
Jahia Dashboard Docs (1.3.0)
- Updated dashboard cards for Jahia 8.2
Jahia Page Composer (1.12.0)
- Removed usage of introspection query SCHEMA_FIELDS_QUERY
Jahia UI Root (1.12.0)
- Improved HTML titles in Jahia UIs
- Removed usage of introspection query SCHEMA_FIELDS_QUERY
Jahia User Entries (1.12.0)
- Fixed issue with workflow icon not updated after start of a publication
jContent (2.17.0)
- Fixed an issue with mimetype not well set by using a new way to detect it
- Ensure Subpages under jnt:navMenuText (Menu Label) are selectable in pickers
- Fixed a layout issue with the preview on small screens
Personal API Tokens (1.5.0)
- Extended graphql-annotation range following upgrade of GraphQL libraries in Jahia core
Remote Publish (9.10.0)
- Fixed performance issues in purge journal feature
SDL Generator Tools (2.4.0)
- Updated lodash from 4.17.20 to 4.17.21 to address a vulnerability in the library
Security Filter Tools (2.5.0)
- Extended graphql-annotation range following upgrade of GraphQL libraries in Jahia core
Server Settings (9.7.2)
- Fixed an issue resulting in a blank page when updating app-shell from the module manager UI
Also introduced in version 9.7.1:
- Added the ability to select all sites in the sites management panel
Site Settings SEO (4.5.0)
- Improved performances of the vanity URLs migration triggered by the module upgrade
- Give possibility for users without publication permissions to request the publication of Vanity URLs
- Added the unpublish action on vanity URLs
- Fixed an issue with wrong Vanity URLs publication status after unpublish a page for one language
- Hide vanity url publish button for not published content
Tools (4.6.0)
- In Search Engine Management, Introduced a new option to make it possible to enable/disable consistency check when performing a re-index.