Cloud CMS Release 3.2.72
Published on 01/25/2022
CVE-2021-44228
This release builds upon the prior release of Cloud CMS (which was already hardened against CVE-2021-44228). With this release, we have updated Log4j to version 2.17.1.
Cloud CMS recommends that customers upgrade to this release to ensure that Log4j is hardened against this vulnerability.
For more information on CVE-2021-44228, please visit:
https://gitana.io/documentation/docker/notices/cve-2021-44228.html
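A post-upgrade check for the Log4j update described above, added here as an example (it is not Cloud CMS code): it walks a directory, including jars bundled inside fat jars or wars, and reports any log4j-core older than 2.17.1. The directory argument and the filename-based version detection are assumptions, so renamed or shaded copies are not detected.

```python
import io
import re
import sys
import zipfile
from pathlib import Path

FIXED = (2, 17, 1)  # Log4j version named in these release notes
# Assumption: standard jar names; renamed/shaded copies are not detected.
JAR_RE = re.compile(r"log4j-core-(\d+)\.(\d+)(?:\.(\d+))?[^/]*\.jar$")
ARCHIVES = (".jar", ".war")

def core_version(name):
    """Return (major, minor, patch) for a log4j-core jar name, else None."""
    m = JAR_RE.search(str(name).replace("\\", "/"))
    return tuple(int(g or 0) for g in m.groups()) if m else None

def scan_archive(data, label, findings, depth=0):
    """Look inside a jar/war for bundled log4j-core jars (fat-jar layouts)."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for entry in zf.namelist():
                inner = f"{label}!/{entry}"
                ver = core_version(entry)
                if ver is not None:
                    if ver < FIXED:
                        findings.append((inner, ver))
                elif entry.endswith(ARCHIVES) and depth < 3:
                    scan_archive(zf.read(entry), inner, findings, depth + 1)
    except zipfile.BadZipFile:
        pass  # not a readable archive; nothing to inspect

def find_outdated(root):
    """Return sorted (location, version) pairs for log4j-core below FIXED."""
    findings = []
    for path in Path(root).rglob("*"):
        if not path.is_file() or path.suffix not in ARCHIVES:
            continue
        ver = core_version(path.name)
        if ver is None:
            scan_archive(path.read_bytes(), str(path), findings)
        elif ver < FIXED:
            findings.append((str(path), ver))
    return sorted(findings)

if __name__ == "__main__":
    hits = find_outdated(sys.argv[1] if len(sys.argv) > 1 else ".")
    for location, ver in hits:
        print("OUTDATED", ".".join(map(str, ver)), location)
    sys.exit(1 if hits else 0)
```

The script exits non-zero when it finds an outdated copy, so it can gate a deployment step.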
Update Recommendations (On-Premise Only)
With this version of Cloud CMS, we have disabled the deprecated Elastic Search Transport Client and have switched to using our Condor HTTP client. As such, connectivity between the api and elasticsearch services no longer uses port 9300 by default. It now uses port 9200 by default.
Please check your configuration to make sure that the API can connect to Elastic Search’s HTTP Endpoint.
For information on configuring Elastic Search for Cloud CMS, please see:
https://gitana.io/documentation/docker/configuration/api-server.html#using-the-condor-http-client
For improved performance, we recommend you rebuild your cluster indexes. To do so, we recommend using the reindex-datastore command via the Cloud CMS Command Line Client (https://gitana.io/documentation/cli.html#reindex-datastore).
You can execute it like this:
cloudcms admin reindex-datastore --datastoreTypeId cluster --datastoreId default --children --username <username> --password <password>
Where the username and password are the credentials for your administrator account.
Enhancements
Application Server
- Sessions are now automatically configured to use Redis as backing storage when configuring UI servers in a cluster (this was a manual step previously and now just automatically kicks in).
C# Driver
- Access Tokens will now refresh and retry after an HTTP 401 is received.
- Additional methods for jobs, projects, releases, versions and paths.
- Refactoring and naming clean up + additional tests
Java Driver
- Methods to create releases, branches and projects now go through the /start endpoints to allow for asynchronous creation (and prevent HTTP timeouts while waiting for response).
- Updated to Log4j 2.16.0 to harden against CVE-2021-44228. For more information, see https://gitana.io/documentation/docker/notices/cve-2021-44228.html.
Log4j
- Updated to version 2.17.1 to provide further hardening against the CVE-2021-44228 exploit.
PHP Driver
- Additional methods for branches, nodes, versions, projects, branches and releases.
- Removed reference to hard coded root node.
- Added methods for changeQName, resolvePath and resolvePaths.
- Added GraphQL Support.
Python Driver
- Additional methods for resolvePath and resolvePaths.
Bug Fixes
Auto Translation
- Fix so that leading slashes are automatically removed from property paths when building auto-translation payload.
Content Model Builder
- Fix so that user interface refreshes properly for certain clickpaths.
Deployments
- Fix so that deployments identified as having timed out on decommissioned servers (in a clustered configuration of the API tier) will automatically clean up for all cases.
File Paths
- Fix so that file path index is more accurate in-transaction for cases where nodes are deleted.
Jobs
- Fix so that jobs correctly schedule onto the correct target server for some cases involving nested jobs and retries.
Permissions
- Fix so that permissions and authorities caches have a smaller TTL - allowing for cached access rights to invalidate more quickly.
Sync
- Fix so that sync actions correctly set the allowWriteToFrozenBranches flag when executed from a rule or a script.
Transfer
- Fix to ensure that branch deployments work properly for some edge cases where transfers run in copyAttachments mode and move binary items across storage providers.
- Fix so that API calls to Copy resources (identified by dependency chains) work as intended for cases where partial dependency chains are submitted.
- Fix so that imports of tip-mode exports of branches cannot be imported on top of an existing branch using the CLONE import strategy (as it would break immutability of the 0:root changeset).
- Fix so that attachments properly import for cases where a previously published node has an attachment updated and the copyAttachments performance optimization is used.