Release notes for Magnolia CMS 6.2.42
LTS release • Delivered on January 17, 2024 • Changelog: 12304
Magnolia CMS 6.2.42 is primarily a bug-fixing and security release. We keep the details of security fixes private in line with our security policy. Contact our Support team if you need more information.
Announcements
-
Cloudinary
1.2.1
released on January 8, 2024.
Improvements
-
MAGNOLIA-9236
HttpSessionListener
to trackMgnlUser
sessions -
MGNLSITE-209 External service interaction via HTTP header injection
-
SECURITY-77 Hide the migrated Security app from the UI
-
SECURITY-79 Session invalidation when
superadmin
changes a user’s password in the Security app
Bug fixes
-
ADMINCTR-511 Session invalidation upon changing password
-
MAGNOLIA-9233 Users whose usernames contain
.
(dot) can’t log in -
MAGNOLIA-9239 App Launcher group names are always displayed in English
-
MGNLCACHE-357
4xx
and5xx
errors shouldn’t be cached by Magnolia -
MGNLDAM-1359 Downloading bulk assets doesn’t maintain the structure in MS Windows
-
MGNLUI-8640
JcrHasChildrenRule
includes items that aren’t persisted -
MGNLWORKFLOW-466 Tasks app in unstable state after canceling Show changes dialog
-
MULTISITE-186 Multisite
DomainNamePathTransformer
creates incorrect external links -
SECURITY-76 Users whose usernames contain
@
(at sign) can’t log in
Miscellaneous
-
MAGNOLIA-9230 Remove deprecated utility class
ObservationUtil
-
MGNLTOMCAT-38 Update dependency
org.apache.tomcat:tomcat
to version9.0.85
Third-party library updates
-
net.bytebuddy:byte-buddy
to version1.14.11
-
org.jetbrains.kotlin:kotlin-bom
to version1.9.22
-
org.jsoup:jsoup
to version1.17.2
-
software.amazon.awssdk:bom
to version2.21.46
-
swaggerCoreVersion
to version2.2.20