Jahia 8.1.6 Release Notes

January 31, 2024

What's new?

Jahia 8.1.6 is a maintenance release that includes various bug fixes and a couple improvements:

  • .webp thumbnails are now displayed in jContent
  • The deletion modal has been reworked in jContent, however the one in Page Composer remains the same
  • Developers can now find the target of setting panels, and jContent context menu actions, by looking at the html source of an element: this will simplify the registration of custom setting panels and actions!
The procedure Updating module versions with minimal downtime has been updated and simplified.

Due to an issue in a library used by Jahia (Mvel2), versions prior to 8.1.6.0 are not compatible with JVM versions starting with "11+" like the one provided by OpenJDK 11 GA ("11+28"). This issue has been fixed in Jahia 8.1.6.0.

Rewrite rules configuration

In jahia-page-composer 1.8.0 (packaged with Jahia 8.1.3.0), the global category flag use-query-string="true" was added to keep the query parameters when there's a redirection in Jahia. As it affects all the rewrite rules and all the urls, we made the decision to roll back this change and worked on another fix that only affects rules related to Jahia edit mode. We strongly encourage to upgrade jahia-page-composer to version 1.11.0.

Library upgrades

The following librairies were updated between Jahia 8.1.5.0 and Jahia 8.1.6.0

Library Version in Jahia 8.1.5.0 Version in Jahia 8.1.6.0
Apache Tomcat 9.0.71 9.0.75
DB Driver - MySQL 8.0.32 8.0.33
DB Driver - MSSQL 9.2.1.jre8 9.4.1.jre8
DB Driver - Oracle 21.1.0.0 21.9.0.0
DB Driver - PostgreSQL 42.5.2 42.6.0
Mvel2 2.1.7 2.1.7.Jahia1
Xalan 2.7.2 2.7.3

Updated modules

The following modules were updated between Jahia 8.1.5.0 and Jahia 8.1.6.0

Module Version in Jahia 8.1.5.0 Version in Jahia 8.1.6.0
CKEditor 4.19.1-jahia8-3 4.21.0-jahia8-5
Content Editor 3.5.0 3.6.0
Clustering 8.1.0.7 8.1.0.8
External Provider 4.5.0 4.6.0
External Provider Modules 4.5.0 4.6.0
External Provider VFS 4.5.0 4.6.0
Graphql Provider 2.18.0 2.19.0
Jahia Administration 1.6.0 1.8.0
Jahia Category Manager 1.2.0 1.3.0
Jahia CSRF Guard 3.3.0 3.4.0
Jahia Dashboard 1.7.0 1.8.0
Jahia Developer Tools 1.0.0 1.1.0
Jahia Page Composer 1.9.0 1.10.0
Jahia Repository Explorer 1.4.0 1.5.0
Jahia UI Root 1.7.0 1.8.0
Jahia User Entries 1.4.0 1.5.0
jContent 2.10.0 2.11.0
Module Manager 2.7.0 2.8.0
Remote Publish 9.5.0 9.7.0
SDL generator Tools 2.2.0 2.3.0
Server Settings 9.6.0 9.7.0
Server Settings EE 9.2.0 9.3.0
Site Settings SEO 3.5.0 4.2.0

Jahia 8.1.6.1 >> 8.1.6.2 - Changelog

  • Fixed a compatibility issue between Jahia page composer and Chrome 128+ when accessing content via links

Core

Security

  • Applied admin permissions on these endpoints: findUser, findUsersAndGroups, findUsersAndGroupsInAcl
  • Fixed XSS vulnerability in GWT page composer

Core

  • Upgraded mvel2 from 2.1.7 to 2.1.7.Jahia1 to fix an issue preventing usage of JVM version starting with "11+" (like in OpenJDK 11 GA: 11+28)
  • Upgraded xalan and serializer from 2.7.2 to 2.7.3
  • Upgraded MySQL driver from 8.0.32 to 8.0.33
  • Upgraded MSSQL driver from 9.2.1.jre8 to 9.4.1.jre8
  • Upgraded PostgreSQL driver from 42.5.2 to 42.6.0
  • Upgraded Oracle driver from 21.1.0.0 to 21.9.0.0
  • Removed unused dependency to jstl-1.2
  • Added the history tab in Repository Explorer
  • Added a new property to prevent initJahiaContext from being injected in live mode (more details here)
  • Added registry target, and key, in the html attribute of setting panels and jContent actions
  • Hide stacktrace in html if not in dev mode
  • Removed unused jahia.find.propertiesToSkip property
  • Removed unexpected stream close when exporting site with a groovy script
  • Fixed issue with event listener using nodetypes filtering that were not receiving property events on i18n properties
  • Fixed memory leak when using JCRTemplate.doExecute function with guest user
  • Fixed usage of jcr:cd with space in filename or folder
  • Fixed issue where the extra div for main module break further changes in tags under body
  • Fixed issue with external events being skipped during cluster journal sync
  • Fixed issue with file caching when no lastModifiedDate is provided by using the current date
  • Fixed issue with Template titles coming from a resource bundle (jmix:rbTitle) that were displayed

Docker

  • Added additional exposed port (8000) in Docker image (used by Tomcat JPDA debugging by default)
  • When using Jahia in Docker, fixed improper shutdown on UNIX-based platforms when using a kill command

External Data Provider

  • Fixed the zip being corrupted when downloading as zip files and folders from a mount point

Import/Export

  • Fixed issue when importing an unstructured content from the edit mode

Installer

  • Upgraded Tomcat from 9.0.71 to 9.0.75

Module Management

  • Added option to install/start/stop/uninstall bundles locally on a cluster node using modules API and provisioning
  • Fixed sequence order (stop, refresh, start) during module start operation

Sitemap

  • Fixed memory leak issue on sitemap generation

Modules included in the upgrade - Changelog

CKEditor (4.21.0-jahia8-5)

  • Upgraded ckeditor4 from 4.19.1 to 4.21.0
  • Fixed issue with Macros menu not being displayed

Content Editor (3.6.0)

  • Fixed wrong publication icon

Default skins (8.1.0)

  • Updated jahia-depends property to have more accurate dependencies

GraphQL DXM Provider (2.19.0)

  • Introduced a new GraphQL node to fetch journal revisions and cluster in sync status
  • A version is now created when uploading a file to replace an existing one
  • Fixed issue with a translated property being duplicated after internationalization of the related content

Jahia Administration (1.8.0)

  • Added registry target, and key, in the html attribute of the setting panel

Jahia Category Manager (1.3.0)

  • Added registry target, and key, in the html attribute of the setting panel

Jahia CSRF Guard (3.4.0)

  • Upgraded csrfguard to 4.3.0 to add support for multiple domain origin

Jahia Dashboard (1.8.0)

  • Added registry target, and key, in the html attribute of the setting panel

Jahia Developer Tools (1.1.0)

  • Added registry target, and key, in the html attribute of the setting panel
  • Upgraded webpack to version 5.78.0
  • Upgraded ui-extender to version 1.0.6
  • Upgraded data-helper to version 1.0.7
  • Added a dependency to jahia-ui-root

Jahia Page Composer (1.10.0)

  • Added registry target, and key, in the html attribute of the setting panel
  • Fixed an issue with the iframe error check returning a 404 when the metadata starts with "40*" in Page Composer
  • Removed the multiple "redirect=false" parameter added to the url when refreshing Page Composer

Jahia Repository Explorer (1.5.0)

  • Added registry target, and key, in the html attribute of the setting panel

Jahia UI Root (1.8.0)

  • Added registry target, and key, in the html attribute of the setting panel
  • Disabled authoring UI when read-only mode is enabled
  • Fixed issue with left navigation icons that were not displayed on small screens
  • Fixed "Page not found" error when switching sites in Page Composer

Jahia User Entries (1.5.0)

  • Added registry target, and key, in the html attribute of the setting panel
  • Fixed logout issue when using a custom LogoutUrlProvider

jContent (1.11.0)

  • Added registry target, and key, in the html attribute of the setting panel
  • Upgraded ui-extender to version 1.0.9
  • Upgraded data-helper to version 1.1.2
  • Upgraded Apollo client to version 3.5.10
  • Added a dependency to app-shell 2.6.0+
  • Improved the jContent header design in responsive mode and when there's a multiple selection
  • Added a new modal for content deletion
  • Added the display of a modal when clicking on an external link
  • Added a dropdown with selected items in the action toolbar
  • The selection in jContent can now be cleared using the escape key
  • Keep selection in jContent when switching between list and structured views
  • Thumbnails of .webp and images with no file extension are now displayed
  • New check preventing files with special characters from being uploaded
  • Improved the display of small images (width < 200px) in thumbnail view
  • A version is now created when uploading a file to replace an existing one
  • Fixed an issue with content that couldn't be pasted due to faulty content type restriction check
  • Fixed issue with the publication menu not refreshed after replacing a file

Module Manager (2.8.0)

  • Fixed issue when searching for "Download" in the module manager administration that returned all modules
  • Avoid module administration UI crash when something goes wrong during a module startup

Remote Publish (9.7.0)

  • Fixed issue with origin header value when using a context

SDL Generator Tools (2.3.0)

  • Updated jahia-depends property to have more accurate dependencies

Server Settings (9.7.0)

  • Upgraded to webpack5 and removed compat mode from appshell
  • Upgraded webpack to version 5.78.0
  • Upgraded ui-extender to version 1.0.6
  • Added a dependency to app-shell
  • Fixed XSS vulnerability when importing a file

Server Settings EE (9.3.0)

  • Upgraded to webpack5 and removed compat mode from appshell
  • Upgraded webpack to version 5.78.0
  • Upgraded ui-extender to version 1.0.6
  • Added a dependency to app-shell

Site Settings SEO (4.2.0)

  • Upgraded data-helper to version 1.1.4
  • Upgraded Apollo client to version 3.5.10
  • Added a dependency to app-shell 2.6.0+

Modules - Changelog

The following modules have been released along with the Jahia 8.1.6 release and are not automatically updated when upgrading to 8.1.6, but can easily be updated from the administration.

CMIS Provider (3.3.0 - depends on Jahia 8.1.5)

  • Improved XML parser to use a secured one
  • Disabled the sample mount point config file, generating harmless logs at startup

SAML Authentication Valve (2.4.0 - depends on Jahia 8.1.5)

  • Upgraded xalan from 2.7.2 to 2.7.3
  • Fixed issue with incorrect redirection path provided in the cookie