Version 10.1.4-RC
New page building experience, plus multiple security updates and bug fixes.
Added
- To enhance the page-building experience, the Layout Manager now displays visual previews and text descriptions for each module, allowing content editors to instantly identify and select the right component without trial and error. MCPD-111
Changed
- DOCKER ONLY Updated base image to Debian 13 (trixie).
- Created variable to disable creation of Swagger documentation. MCPD-153
- Include missing error dumps to existing error outputs when debug is enabled. MCPD-156
Removed
Deprecated
Fixed
- Resolved content relocation bug in Mura core: users can no longer move content nodes to unauthorized parent nodes. MCPD-131
- Resolved issue with duplicate query names MCPD-27
- Resolved CSRF vulnerabilities. MCPD-142 MCPD-143 MCPD-144 MCPD-145 MCPD-146 MCPD-147 MCPD-148
- Resolved admin function error thrown when deleting page from the front end. MCPD-129
Security
- Resolved multiple SQL Injection vulnerabilities. MCPD-160 MCPD-161
Version 10.1.3
Default Docker image now runs with non-privileged user.
Added
Changed
Removed
Deprecated
Fixed
- Added support for Coldfusion (2023 Release) Update 14 and Coldfusion (2021 Release) Update 20 MCPD-118
- Fixed an issue with a query string that was not properly sorting results. MCPD-110
- Fixed an admin interface navigation issue. MCPD-90
Security
- **DOCKER ONLY** Updated services to run as mura_user. This will require updates to your Dockerfile! USER mura_user before copying your files and running the container. MCPD-91
- Closed IPv6 Open Redirect vulnerability.MCPD-119
Version 10.1.3-RC
Default Docker image now runs with non-privileged user.
Added
Changed
Removed
Deprecated
Fixed
- Added support for Coldfusion (2023 Release) Update 14 and Coldfusion (2021 Release) Update 20 MCPD-118
- Fixed an issue with a query string that was not properly sorting results. MCPD-110
- Fixed an admin interface navigation issue. MCPD-90
Security
- **DOCKER ONLY** Updated services to run as mura_user. This will require updates to your Dockerfile! USER mura_user before copying your files and running the container. MCPD-91
- Closed IPv6 Open Redirect vulnerability.MCPD-119
Version 10.1.2
Multiple security updates for Docker implementations and bug fixes.
Added
Changed
- Mura.js update. Fixing a reported issue with dynamic pages.
- DOCKER ONLY Upgraded Tomcat to 9.0.90 to resolve vulnerabilities.
- DOCKER ONLY Updated Lucee to Lucee Light-5.4.7.2 to resolve vulnerabilities.
Removed
Deprecated
Fixed
- Fixed preview tooltip in Mura admin
- DOCKER ONLY Create a directory if one does not exist in the container when assets are mapped to an external source.
Security
- DOCKER ONLY Resolved CVE-2024-34750
- DOCKER ONLY Resolved CVE-2024-38286
- DOCKER ONLY Resolved CVE-2023-46589
- DOCKER ONLY Resolved CVE-2024-21634
- DOCKER ONLY Resolved CVE-2024-24549
- DOCKER ONLY Resolved CVE-2024-23672
Version 10.1.2-RC
Multiple security updates for Docker implementations and bug fixes.
Added
Changed
- Mura.js update. Fixing a reported issue with dynamic pages.
- DOCKER ONLY Upgraded Tomcat to 9.0.90 to resolve vulnerabilities.
- DOCKER ONLY Updated Luceee to Lucee Light-5.4.7.2 to resolve vulnerabilites.
Removed
Deprecated
Fixed
- Fixed preview tooltip in Mura admin
- DOCKER ONLY Create a directory if one does not exist in the container when assets are mapped to an external source.
Security
- DOCKER ONLY Resolved CVE-2024-34750
- DOCKER ONLY Resolved CVE-2024-38286
- DOCKER ONLY Resolved CVE-2023-46589
- DOCKER ONLY Resolved CVE-2024-21634
- DOCKER ONLY Resolved CVE-2024-24549
- DOCKER ONLY Resolved CVE-2024-23672
Version 10.1.1
Added Linked Template module and other additional features to the admin interface to facilitate easier site administration and fixed multiple high vulnerabilities.
Added
- DOCKER ONLY Updated the buildspec.yaml to use docker buildx to facilitate multi architecture build MCPD-68
- DOCKER ONLY Build action creates ARM and AMD images
- Added additional functionality to the User Maintenance Form & Group Listing page in the Mura admin. MCPD-93
- Creates a Linked Template module that automatically updates all instances of the Linked Template on the site when an update to the Linked Template occurs. MCPD-86
Changed
Removed
- Removed app/config/version.cfm file, version is set in app/core/version.cfm. MCPD-89
Deprecated
Fixed
- Removed default value of useCategoryIntersect from collections index.cfm file. This should be set on the collection. This default value overrides the setting on the collection. MCPD-48
Security
- Fixed CSV injection vulnerability MCPD-82
- Fixed a SSRF vulnerability. MCPD-83
Version 10.1.1-RC
Added Linked Template module and other additional features to the admin interface to facilitate easier site administration and fixed multiple high vulnerabilities.
Added
- DOCKER ONLY Updated the buildspec.yaml to use docker buildx to facilitate multi architecture build MCPD-68
- DOCKER ONLY Build action creates ARM and AMD images
- Added additional functionality to the User Maintenance Form & Group Listing page in the Mura admin. MCPD-93
- Creates a Linked Template module that automatically updates all instances of the Linked Template on the site when an update to the Linked Template occurs. MCPD-86
Changed
Removed
- Removed app/config/version.cfm file, version is set in app/core/version.cfm. MCPD-89
Deprecated
Fixed
- Removed default value of useCategoryIntersect from collections index.cfm file. This should be set on the collection. This default value overrides the setting on the collection. MCPD-48
Security
- Fixed CSV injection vulnerability MCPD-82
- Fixed a SSRF vulnerability. MCPD-83
Version 10.1.0
Creating Release Notes and Security Updates
Added
- CHANGELOG.md to track changes for Release Notes. MCPD-75
- GitHub Workflow to dynamically create Release Notes in Github on Merge to branch. MCPD-75
- GitHub Workflows for running Unit Tests. BAD-123
Changed
DOCKER ONLY
Updated Dockerfile to remove usage of test
Lucee image. Lucee version remains 5.4.6.9
.
Removed
Deprecated
Fixed
Security
DOCKER ONLY
Removed old, unused, unsupported Lucee extension JSON 1.0.0
. Responsible for 20 Critical and 22 High vulnerabilities
Version 10.1.0-RC
Creating Release Notes and Security Updates
Added
- CHANGELOG.md to track changes for Release Notes. MCPD-75
- GitHub Workflow to dynamically create Release Notes in Github on Merge to branch. MCPD-75
- GitHub Workflows for running Unit Tests. BAD-123
Changed
DOCKER ONLY
Updated Dockerfile to remove usage of test
Lucee image. Lucee version remains 5.4.6.9
.
Removed
Deprecated
Fixed
Security
DOCKER ONLY
Removed old, unused, unsupported Lucee extension JSON 1.0.0
. Responsible for 20 Critical and 22 High vulnerabilities