Version 10.1.3-RC
Default Docker image now runs with non-privileged user.
Added
Changed
Removed
Deprecated
Fixed
- Added support for Coldfusion (2023 Release) Update 14 and Coldfusion (2021 Release) Update 20 MCPD-118
- Fixed an issue with a query string that was not properly sorting results. MCPD-110
- Fixed an admin interface navigation issue. MCPD-90
Security
- **DOCKER ONLY** Updated services to run as mura_user. This will require updates to your Dockerfile! USER mura_user before copying your files and running the container. MCPD-91
- Closed IPv6 Open Redirect vulnerability.MCPD-119
Version 10.1.2
Multiple security updates for Docker implementations and bug fixes.
Added
Changed
- Mura.js update. Fixing a reported issue with dynamic pages.
- DOCKER ONLY Upgraded Tomcat to 9.0.90 to resolve vulnerabilities.
- DOCKER ONLY Updated Lucee to Lucee Light-5.4.7.2 to resolve vulnerabilities.
Removed
Deprecated
Fixed
- Fixed preview tooltip in Mura admin
- DOCKER ONLY Create a directory if one does not exist in the container when assets are mapped to an external source.
Security
- DOCKER ONLY Resolved CVE-2024-34750
- DOCKER ONLY Resolved CVE-2024-38286
- DOCKER ONLY Resolved CVE-2023-46589
- DOCKER ONLY Resolved CVE-2024-21634
- DOCKER ONLY Resolved CVE-2024-24549
- DOCKER ONLY Resolved CVE-2024-23672
Version 10.1.2-RC
Multiple security updates for Docker implementations and bug fixes.
Added
Changed
- Mura.js update. Fixing a reported issue with dynamic pages.
- DOCKER ONLY Upgraded Tomcat to 9.0.90 to resolve vulnerabilities.
- DOCKER ONLY Updated Luceee to Lucee Light-5.4.7.2 to resolve vulnerabilites.
Removed
Deprecated
Fixed
- Fixed preview tooltip in Mura admin
- DOCKER ONLY Create a directory if one does not exist in the container when assets are mapped to an external source.
Security
- DOCKER ONLY Resolved CVE-2024-34750
- DOCKER ONLY Resolved CVE-2024-38286
- DOCKER ONLY Resolved CVE-2023-46589
- DOCKER ONLY Resolved CVE-2024-21634
- DOCKER ONLY Resolved CVE-2024-24549
- DOCKER ONLY Resolved CVE-2024-23672
Version 10.1.1
Added Linked Template module and other additional features to the admin interface to facilitate easier site administration and fixed multiple high vulnerabilities.
Added
- DOCKER ONLY Updated the buildspec.yaml to use docker buildx to facilitate multi architecture build MCPD-68
- DOCKER ONLY Build action creates ARM and AMD images
- Added additional functionality to the User Maintenance Form & Group Listing page in the Mura admin. MCPD-93
- Creates a Linked Template module that automatically updates all instances of the Linked Template on the site when an update to the Linked Template occurs. MCPD-86
Changed
Removed
- Removed app/config/version.cfm file, version is set in app/core/version.cfm. MCPD-89
Deprecated
Fixed
- Removed default value of useCategoryIntersect from collections index.cfm file. This should be set on the collection. This default value overrides the setting on the collection. MCPD-48
Security
- Fixed CSV injection vulnerability MCPD-82
- Fixed a SSRF vulnerability. MCPD-83
Version 10.1.1-RC
Added Linked Template module and other additional features to the admin interface to facilitate easier site administration and fixed multiple high vulnerabilities.
Added
- DOCKER ONLY Updated the buildspec.yaml to use docker buildx to facilitate multi architecture build MCPD-68
- DOCKER ONLY Build action creates ARM and AMD images
- Added additional functionality to the User Maintenance Form & Group Listing page in the Mura admin. MCPD-93
- Creates a Linked Template module that automatically updates all instances of the Linked Template on the site when an update to the Linked Template occurs. MCPD-86
Changed
Removed
- Removed app/config/version.cfm file, version is set in app/core/version.cfm. MCPD-89
Deprecated
Fixed
- Removed default value of useCategoryIntersect from collections index.cfm file. This should be set on the collection. This default value overrides the setting on the collection. MCPD-48
Security
- Fixed CSV injection vulnerability MCPD-82
- Fixed a SSRF vulnerability. MCPD-83
Version 10.1.0
Creating Release Notes and Security Updates
Added
- CHANGELOG.md to track changes for Release Notes. MCPD-75
- GitHub Workflow to dynamically create Release Notes in Github on Merge to branch. MCPD-75
- GitHub Workflows for running Unit Tests. BAD-123
Changed
DOCKER ONLY
Updated Dockerfile to remove usage of test
Lucee image. Lucee version remains 5.4.6.9
.
Removed
Deprecated
Fixed
Security
DOCKER ONLY
Removed old, unused, unsupported Lucee extension JSON 1.0.0
. Responsible for 20 Critical and 22 High vulnerabilities
Version 10.1.0-RC
Creating Release Notes and Security Updates
Added
- CHANGELOG.md to track changes for Release Notes. MCPD-75
- GitHub Workflow to dynamically create Release Notes in Github on Merge to branch. MCPD-75
- GitHub Workflows for running Unit Tests. BAD-123
Changed
DOCKER ONLY
Updated Dockerfile to remove usage of test
Lucee image. Lucee version remains 5.4.6.9
.
Removed
Deprecated
Fixed
Security
DOCKER ONLY
Removed old, unused, unsupported Lucee extension JSON 1.0.0
. Responsible for 20 Critical and 22 High vulnerabilities