7.8.12 release - Enterprise Java Content management system - Hippo CMS

7.8.12 release

January 29, 2016

Here is a new update for the projects running on 7.8.xx series, a new maintenance release 7.8.12 is available.  This release includes bug fixes & improvements  including XSS and XXE fixes.

Please upgrade your project to this latest maintenance release, see the minor upgrade instructions for more information.

We also recommend you to upgrade to our latest 10.1.x version where you can have awesome features. You can bootstrap or create a new project following the trials page.

The new versions of these module artifacts have been made available earlier and are now bundled up in this maintenance release. If the project already has been using these newer artifact versions via a project pom file override, then remove these artifact version overrides when upgrading to a newer maintenance release.

We encourage all projects to remain on the regular maintenance release. Using a tagged artifact that is not yet part of a maintenance release should only be done if there is a specific reason and only after testing in your specific project setup.

ARTIFACTS & VERSIONS in 7.8.10

CORE

Addon HST Config Editor 1.11.07
Addon Channel Manager 2.24.13*
Addon Search Service 1.01.02
Commons 1.02.06
CMS 2.24.22*
HST 2.26.17
Packages 2.24.01
Repository 2.24.19*
Services 1.02.03
Utilities 1.01.04
Project 22.2

FORGE

Content Blocks 1.09.04
Dashboard Document Wizard 1.03.11
Easy Forms 2.12.14
ECM Tagging 4.05.04
Gallerypicker 1.11.06
Poll 1.06.01
Properties 2.08.02
Relateddocs 2.08.12
Robotstxt 1.06.00
Selection 2.06.07
Sitemap 1.04.03
Taxonomy 1.09.06
TCMP 1.07.07

Enterprise

Addon Newsletter Manager 1.03.02
Addon Reporting 1.06.02
Addon Targeting 2.24.06*
Addon Edition Indicator 1.01.02
Addon Advanced Search 1.02.07
Eforms 1.02.12*

Dependencies

Jackrabbit 2.2.12-h1

(*) - New artifact versions

BUG

CHANNEL MANAGER

  • [CHANNELMGR-369] - [Backport to 7.8] Improve rendering of variant names in component properties window

TARGETING

  • [BT-490] - Backport BT-489 to 7.8: Targeting & Relevance: Documenttype multiple prefix includes
  • [BT-1383] - [Backport to 7.8] Improve rendering of persona and target group names

EFORMS

  • [EFORMS-358] - Bckport 331 to 7.8: XSS vulnerability in Eforms radiogroup/checkbox fields
  • [EFORMS-361] - Backport 347 to 7.8: Eforms has several XPath queries that does not escape path and query value properly

IMPROVEMENTS

CMS

  • [CMS-9751] - [Backport to 7.8] Improve rendering of dialog title
  • [CMS-9772] - [Backport to 7.8] Use WicketExtJs 0.18.1

REPOSITORY

  • [REPO-1406] - [Backport 7.8] No need to support DTD or XML validating in SystemViewXML

TASK

CMS

  • [CMS-9796] - Update copyright year on login screen to 2016

7.8.12 release

January 29, 2016

Here is a new update for the projects running on 7.8.xx series, a new maintenance release 7.8.12 is available.  This release includes bug fixes & improvements  including XSS and XXE fixes.

Please upgrade your project to this latest maintenance release, see the minor upgrade instructions for more information.

We also recommend you to upgrade to our latest 10.1.x version where you can have awesome features. You can bootstrap or create a new project following the trials page.

The new versions of these module artifacts have been made available earlier and are now bundled up in this maintenance release. If the project already has been using these newer artifact versions via a project pom file override, then remove these artifact version overrides when upgrading to a newer maintenance release.

We encourage all projects to remain on the regular maintenance release. Using a tagged artifact that is not yet part of a maintenance release should only be done if there is a specific reason and only after testing in your specific project setup.

ARTIFACTS & VERSIONS in 7.8.10

CORE

Addon HST Config Editor 1.11.07
Addon Channel Manager 2.24.13*
Addon Search Service 1.01.02
Commons 1.02.06
CMS 2.24.22*
HST 2.26.17
Packages 2.24.01
Repository 2.24.19*
Services 1.02.03
Utilities 1.01.04
Project 22.2

FORGE

Content Blocks 1.09.04
Dashboard Document Wizard 1.03.11
Easy Forms 2.12.14
ECM Tagging 4.05.04
Gallerypicker 1.11.06
Poll 1.06.01
Properties 2.08.02
Relateddocs 2.08.12
Robotstxt 1.06.00
Selection 2.06.07
Sitemap 1.04.03
Taxonomy 1.09.06
TCMP 1.07.07

Enterprise

Addon Newsletter Manager 1.03.02
Addon Reporting 1.06.02
Addon Targeting 2.24.06*
Addon Edition Indicator 1.01.02
Addon Advanced Search 1.02.07
Eforms 1.02.12*

Dependencies

Jackrabbit 2.2.12-h1

(*) - New artifact versions

BUG

CHANNEL MANAGER

  • [CHANNELMGR-369] - [Backport to 7.8] Improve rendering of variant names in component properties window

TARGETING

  • [BT-490] - Backport BT-489 to 7.8: Targeting & Relevance: Documenttype multiple prefix includes
  • [BT-1383] - [Backport to 7.8] Improve rendering of persona and target group names

EFORMS

  • [EFORMS-358] - Bckport 331 to 7.8: XSS vulnerability in Eforms radiogroup/checkbox fields
  • [EFORMS-361] - Backport 347 to 7.8: Eforms has several XPath queries that does not escape path and query value properly

IMPROVEMENTS

CMS

  • [CMS-9751] - [Backport to 7.8] Improve rendering of dialog title
  • [CMS-9772] - [Backport to 7.8] Use WicketExtJs 0.18.1

REPOSITORY

  • [REPO-1406] - [Backport 7.8] No need to support DTD or XML validating in SystemViewXML

TASK

CMS

  • [CMS-9796] - Update copyright year on login screen to 2016