Jahia 8.1.1 Release Notes

Jahia 8.1.1 is a maintenance release that includes various bug fixes. Several third-party libraries have been upgraded to benefit from their latest security fixes. 

Core

• Upgraded commons-text from 1.8 to 1.10 to fix a critical vulnerability (see Security Patch - October 2022)
• Fixed deadlock issue "Waiting for final start level to be reached" at Jahia startup

Security

• Fixed issue with Jahia installation not possible without internet connection
• Fixed issue with cluster node synchronisation when using provisioning

Security

• Backported security fix to our fork for Spring beans 3.2.18
• Upgraded Tomcat from 9.0.55 to 9.0.62

Security

• Optimized some regular expressions when cleaning internal tags in HTML
• Upgraded Apache Shiro from 1.7.1 to 1.8.0
• Fixed macros regex to prevent backtracking
• Upgraded log4j to 2.17.1 and pax-logging to 1.11.13
• Updated protobuf-java to 3.16.1

Core

• Improved Jahia performances by tuning JVM options (add link to Academy)
• Added configuration for Hazelcast Management Center
• Upgrade to bndtools 6.1 and maven-bundle-plugin 5.1.2
• Prevented the creation of new Tomcat sessions from Atmosphere servlet handshake
• Fixed issue with Cellar configuration file name containing spaces
• Fixed Cluster synchronization at the Atmosphere Jgroups Channel level
• Updated Spring Transaction library to fix a compilation issue
• Fixed issue with the maintenanceMode Jahia property not taken into account
• Remove duplicate static resources in the 'head' tag if they also exist in 'body'
• Fixed undeletion issue with internationalized contents
• Added a refresh of the updated bundle instead of the dependencies to cleanup OSGI wiring
• Fixed issue with dynamic initializer not available until the module is started
• Fixed issue with buttons that cannot be unchecked in Content Editor advanced panel
• Fixed issue with validation error messages not in the right language in Content Editor
• Fixed issue while browsing a website in live in its default language when urlRewriteRemoveCmsPrefix = false
• Fixed issue with modules not started in some cases (when multiple versions are installed) after fileinstall initial startup
• Fixed link provided in the integrity message when deleting a content in use
• Fixed issue when using date facets in external data provider
• Removed mandatory language check for publication when node is marked for deletion
• Added logs in servlet filters for errors that were not catched
• Fixed wiring issue at startup when upgrading JDK from 8 to 11
• Removed publication info when copying/pasting a node
• Added ClientAbortException in excluded from thread dump exceptions
• Fixed preview not displayed for "all fields required" content type
• Prevented override of Yaml configuration file when restarting cluster nodes
• Fixed issue with area constraints not always taken into account when displaying the buttons to add a content
• Fixed issue preventing adding new loggers in log4j Administration

Content Editor

• Removed delete button from list ordering in legacy edit interface

Import/Export

• Fixed export issue caused by broken references to EDP nodes
• Fixed export issue when fieldnames begin with a numeric character
• Fixed cross site references issue during import
• Fixed import site stuck because of a SVG file

Publication

• Added the number of items to be unpublished in the workflow dashboard popup
• Removed useless warning log "This node doesn't exist in this language" when a page is not published

Search

• Removed nofulltext on j:nodename, so that the system name will be shown in the results

Server/Site Administration

• Flushing all caches now also empties the generated-resources folder
• Removed mail-1.4.7.jar (as javax.mail-1.6.1.jar is already deployed)

Workflows

• Fixed a 404 error when opening a preview from the workflow dashboard

Installer

• Upgraded packaged Tomcat to 9.0.55
• Improved Jahia performances by tuning JVM options (more details here)
• Added the formatMsgNoLookups Log4j2 option in the Tomcat startup options

AppShell (2.6.0)

• Improved handling of non existing JS files while loading modules, to prevent 404 or white screens

CKEditor (4.17.1)

• Upgraded CKEditor from 4.13.1 to 4.17.1
• Fixed issue with Phone Link type created as undefined

Content Editor (3.4.0)

• Created a 3 dots button for single fields providing the copy to other languages action
• Added new action "Copy to other languages"
• Added a color picker
• Improved error logging to display more information
• Improved error handling to return the default configuration when the CKEditor configuration cannot be read
• Improved dropdown choicelists by adding a search and a filter on it
• Updated the label for the classification section from "Categories" to "Classification"
• Fixed issue with content type restrictions being displayed on all content types
• Fixed issue with incorrect language being used in advanced options
• Fixed issue with choicelists containing long values
• Fixed issue when updating a content in a language that modify the publication status of the other languages
• Fixed issue with datepicker format not taken into account
• Fixed order of mixins in Content Editor
• Fixed issue in editor form by checking that the definition match before getting values
• Fixed issue with navMenu items not selectable in the page picker

Content Security Policy (2.2.0)

• Fixed reporting issue when Jahia is deployed under non-root webcontext

CSRF guard (2.4.0)

• Changed module-type of jahia-csrf-guard to "system"
• Removed csrf token from error.html pages
• Added possibility to set CSRFGuard properties

External data provider (4.3.0 depends on Jahia 8.1.1)

• Fixed potential memory leak with JCR sessions
• Added a refresh of external sessions on embedded extensionSessions

GraphQL (2.9.0 depends on Jahia 8.1.1)

• Added homePage field on site query to get the home page node
• Added new parameters to the GraphQL renderedContent field: "isEditMode" and "mainResourcePath"
• Added the ability to publish all nodes down the tree via a GraphQL mutation
• Improved error logging to display more information
• Added possibility to specify a behaviour at API level when a content already exists during an import
• Restored error handling behaviour in nodesById and nodesByPath

Jahia Tools (4.1.0)

• Fixed issue with Action's class names not displayed in the tools when exposed as OSGi service
• Updated search results label in query tools to avoid confusion

Jahia UI Root (1.5.0)

• Improved error page when trying to access non existing urls

jContent (2.6.0)

• New file icons
• Added possibility to specify a behaviour at API level when a content already exists during an import
• Fix issue with modified dates not correctly displayed
• Fixed calculation issue when resizing in image editor
• Added % to invalid chars and an error message in the Create Folder dialog

LDAP Provider (4.4.0)

• Prevented LDAP from returning all results with incompatible criteria

Macros (8.2.0)

• Fixed macros regex to prevent backtracking

Module Manager (2.4.0)

• Fixed encoding issue for URLs coming from stores

Page Composer (1.6.0)

• Fixed issue leading to an error screen when the property j:isHomePage is missing on a page
• Fixed issue with page composer url when it contains a query string

Site Settings SEO (3.2.0)

• Removed useless green and red checks in inputs
• Fixed issue when jmix:vanityUrlMapped is enabled but without any vanity URL on the node
• Fixed onblur issue during creation of Vanity URLs in content editor
• Fixed margins issue in Vanity URLs panel in content editor

User Dashboard (8.4.0)

• Added logic to display home page for preview link for users without edit access

Location (3.2.0)

• Fixed creation of location when geocoding mixin is activated

News (3.4.0)

• Fixed locale format for pubDate in RSS template