| layout | title | nav_order | last_modified_date | permalink |
|---|---|---|---|---|
default |
Release notes |
7 |
05-02-2024 09:00 |
/release-notes/ |
{: .no_toc }
{: .no_toc .text-delta }
- TOC {:toc}
{: .no_toc }
- Fix: site bundle files query invalid syntax by @ryan-carmody in #310
- Fix the enableDynamicContent setting by @jeroenweareorangeeu in #303
- Typo fix in filemanager by @jeroenweareorangeeu in #309
- Create a complete admin path returnURL to redirect too. by @jeroenweareorangeeu in #318
- ApiUtility - component not found on upgrade. Needs to be uppercase A by @ptutty in #281
- Add '"swiss german (switzerland)"' to resourceBundleFactory by @jeroenweareorangeeu in #312
- Remove unneeded 'Browse Assets' button. by @jeroenweareorangeeu in #300
- Fix issue in imagedetails.cfm by @bdavieswbs in #295
- File Browser Update by @wtconsulting in #311
{: .no_toc }
- @ryan-carmody made their first contribution in #310
- @ptutty made their first contribution in #281
- @bdavieswbs made their first contribution in #295
- @wtconsulting made their first contribution in #311
Full Changelog: 7.4.6...7.4.7
{: .no_toc }
{: .no_toc } We've been informed about multiple high and critical vulnerabilities in Masa CMS.
{: .no_toc }
- The mentioned vulnerabilities have been fixed.
- Additional security improvements have been made.
{: .no_toc } Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.6 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.13 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.8 immediately. This can be done by applying a manual update.
{: .no_toc }
- Sections can act as fieldsets by @grantshepert
- Disable enableMuraTag, enableDynamicContent and sharableRemoteSessions by default
- Additional security improvements have been made
Full Changelog: 7.4.5...7.4.6
{: .no_toc }
{: .no_toc } We've been informed about multiple high and critical vulnerabilities in Masa CMS.
{: .no_toc }
- The mentioned vulnerabilities have been fixed.
{: .no_toc } Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.6 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.13 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.8 immediately. This can be done by applying a manual update.
{: .no_toc }
- Disable enableMuraTag, enableDynamicContent and sharableRemoteSessions by default
- Additional security improvements have been made
Full Changelog: 7.3.12...7.3.13
{: .no_toc }
{: .no_toc } We've been informed about multiple high and critical vulnerabilities in Masa CMS.
{: .no_toc }
- The mentioned vulnerabilities have been fixed.
{: .no_toc } Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.6 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.13 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.8 immediately. This can be done by applying a manual update.
{: .no_toc }
- Disable enableMuraTag, enableDynamicContent and sharableRemoteSessions by default
- Additional security improvements have been made
Full Changelog: 7.2.7...7.2.8
{: .no_toc }
{: .no_toc } We've been informed about a critical vulnerability in Masa CMS.
{: .no_toc }
- The mentioned vulnerability has been fixed.
- Additional security improvements have been made.
{: .no_toc } Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.5 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.12 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.7 immediately. This can be done by applying a manual update.
{: .no_toc }
- Also include content that is excluded from site search in the related… by @jeroenweareorangeeu in #241
- Add jQuery for a11y checker plugin in CKEditor. We cannot alway rely … by @jeroenweareorangeeu in #243
- Destroy CKEditor instances when closeing the modal. by @jeroenweareorangeeu in #250
- Bugfix/code improvements by @jeroenweareorangeeu in #267
- Added an extra check if the javaLoader is actually available to load … by @jeroenweareorangeeu in #266
- Update all jQuery v3.7.0 files to jQuery v3.7.1 files. by @jeroenweareorangeeu in #265
- Issue 235: object become unclickable by @jeroenweareorangeeu in #257
- Put a maxlength on 'displayIntervalEvery'. by @jeroenweareorangeeu in #253
- Added general improvments by @jeroenweareorangeeu in #264
- Issue 261: lucee6 fixes by @jeroenweareorangeeu in #262
- replaced sanitizeValue() call and updated sanitizedValue() by @OriCat101 in #259
- Bugfix/rendering assets by @jeroenweareorangeeu in #268
{: .no_toc }
- @OriCat101 made their first contribution in #259
Full Changelog: 7.4.4...7.4.5
{: .no_toc }
{: .no_toc } We've been informed about a critical vulnerability in Masa CMS.
{: .no_toc }
- The mentioned vulnerability has been fixed.
- Additional security improvements have been made.
{: .no_toc } Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.5 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.12 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.7 immediately. This can be done by applying a manual update.
Full Changelog: 7.3.11...7.3.12
{: .no_toc }
{: .no_toc } We've been informed about a critical vulnerability in Masa CMS.
{: .no_toc }
- The mentioned vulnerability has been fixed.
- Additional security improvements have been made.
{: .no_toc } Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.5 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.12 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.7 immediately. This can be done by applying a manual update.
Full Changelog: 7.2.6...7.2.7
{: .no_toc }
- fix issue with validation of properties in inline edit by @guustnieuwenhuis in #204
- Add a PGP key for confidential vulnerability reprts. by @jochemd in #228
- #161 wordfilter setting portcullis by @jeroenweareorangeeu in #227
- Security improvements by @jeroenweareorangeeu in #235
- Update filebrowser.cfc by @jimblesphere in #226
- Fixed #230 Related Content Advanced Search by @no3rdw in #231
- Allow for custom objectconfigurator position options by @no3rdw in #233
{: .no_toc }
- @jeroenweareorangeeu made their first contribution in #227
Full Changelog: 7.4.3...7.4.4
{: .no_toc }
- fix issue with validation of properties in inline edit by @guustnieuwenhuis in #204
- Update catnav.cfc to fix null pointer exception by @no3rdw in #201
- fixed keepMetaKeywords conditional by @no3rdw in #199
- #212 fix layout issue with managing categories when editing content node by @guustnieuwenhuis in #213
- #209 include inherited class extensions in condition to show or hide … by @guustnieuwenhuis in #211
- #208 fixing styling on notifyEditor by @guustnieuwenhuis in #210
- Added Category Name to Local Index Advanced Filter Field List by @no3rdw in #215
- improve condition to check if razuna is enabled before throwing a dep… by @guustnieuwenhuis in #221
- improve entityname sanitization by @guustnieuwenhuis in #219
- Feature/216 azure ad support for sso by @guustnieuwenhuis in #217
{: .no_toc }
Full Changelog: 7.4.2...7.4.3
{: .no_toc }
{: .no_toc }
We've been informed of multiple vulnerabilities in Masa CMS.
{: .no_toc }
- The mentioned vulnerabilities have been fixed.
- Security fixes from the MuraLabs repository have been copied over to Masa CMS.
- Multiple dependancies have been updated to their latest releases.
- Unused dependancies have been removed.
{: .no_toc }
Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.2 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.11 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.6 immediately. This can be done by applying a manual update.
Full Changelog: 7.4.1...7.4.2
{: .no_toc }
{: .no_toc }
We've been informed of multiple vulnerabilities in Masa CMS.
{: .no_toc }
- The mentioned vulnerabilities have been fixed.
- Security fixes from the MuraLabs repository have been copied over to Masa CMS.
- Multiple dependancies have been updated to their latest releases.
- Unused dependancies have been removed.
{: .no_toc }
Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.2 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.11 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.6 immediately. This can be done by applying a manual update.
Full Changelog: 7.3.10...7.3.11
{: .no_toc }
{: .no_toc }
We've been informed of multiple vulnerabilities in Masa CMS.
{: .no_toc }
- The mentioned vulnerabilities have been fixed.
- Security fixes from the MuraLabs repository have been copied over to Masa CMS.
{: .no_toc }
Masa CMS versions 7.2, 7.3 and 7.4 are affected.
{: .no_toc }
- If you’re on Masa CMS 7.4, you should update to version 7.4.2 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
- If you’re on Masa CMS 7.3, you should update to version 7.3.11 immediately. This can be done by applying a manual update.
- If you’re on Masa CMS 7.2, you should update to version 7.2.6 immediately. This can be done by applying a manual update.
Full Changelog: 7.2.5...7.2.6
{: .no_toc }
- fix issue with ids in db update script by @guustnieuwenhuis in #157
- Replace hard-coded references to /admin directory by @jimblesphere in #177
- Update filebrowser.cfc by @chexy in #175
- error when related content is scheduled, missing column parentType by @sejourla in #174
- Update database driver created by setup for MySQL/Lucee by @quetwo in #141
- fixed broken styling on categories tab
- fixed broken styling on component editing (front-end)
- fixed StructKeyDelete function by @ejespersen-AMS
- fixed class extensions in components
Full Changelog: 7.4.0...7.4.1
{: .no_toc }
- updated default theme to the latest version
- updated mura.js to the latest version
- new setting showextensionsindefault to show the basic tab extended attributes below the editor
- new search module
- new primarynav module
- new gotofirstchild module
- new nextprevnav module
- new gattedasset module
- new button module
- new info module
- new media module
- reviewed navigation module
- reviewed form module
- reviewed image module
- reviewed CTA module
{: .no_toc }
{: .no_toc }
We've been informed of an authentication bypass vulnerability in Masa CMS.
{: .no_toc }
The mentioned vulnerability has been fixed.
{: .no_toc }
Masa CMS versions 7.2, 7.3 and 7.4-beta are affected.
{: .no_toc }
If you’re on Masa CMS 7.3, you should update to version 7.3.10 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
{: .no_toc }
{: .no_toc }
We've been informed of an authentication bypass vulnerability in Masa CMS.
{: .no_toc }
The mentioned vulnerability has been fixed.
{: .no_toc }
Masa CMS versions 7.2, 7.3 and 7.4-beta are affected.
{: .no_toc }
If you’re on Masa CMS 7.2, you should update to version 7.2.5 immediately. This can be done by applying a manual update.
{: .no_toc }
- Update filebrowser.cfc by @jimblesphere in #128
- fix empty admin minified JS files
- replace We Are Orange with We Are North (https://www.wearenorth.eu/updates/we-are-north-now-not-orange-heres-why/)
Full Changelog: 7.3.8...7.3.9
fixed an issue with empty generated javascript files
This is a pre-release version of 7.4 including the follow updates:
- update for the default theme
- new setting showextensionsindefault to show the basic tab extended attributes below the editor
- new search module
- new primarynav module
- new gotofirstchild module
- new nextprevnav module
Bug fixes for:
and CKEditor update to version 4.19.1
This is a pre-release version of 7.4 including the follow updates:
- new Gatted Asset module
- reviewed Navigation module
{: .no_toc }
{: .no_toc }
We've been informed of a path traversal vulnerability in Masa CMS CVE-2021-42183.
{: .no_toc }
The mentioned vulnerability has been fixed.
{: .no_toc }
Masa CMS versions 7.2 and 7.3 are affected.
{: .no_toc }
If you’re on Masa CMS 7.2, you should update to version 7.2.4 immediately. This can be done by applying a manual update.
{: .no_toc }
{: .no_toc }
We've been informed of a path traversal vulnerability in Masa CMS CVE-2021-42183.
{: .no_toc }
The mentioned vulnerability has been fixed.
{: .no_toc }
Masa CMS versions 7.2 and 7.3 are affected.
{: .no_toc }
If you’re on Masa CMS 7.2, you should update to version 7.2.4 immediately. This can be done by applying a manual update.
{: .no_toc }
{: .no_toc }
We've been informed of a XSS security vulnerability in the Masa CMS administrator.
{: .no_toc }
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
{: .no_toc }
Masa CMS versions 7.2 and 7.3 are affected.
{: .no_toc }
If you’re on Masa CMS 7.2, you should update to version 7.2.3 immediately. This can be done by applying a manual update.
{: .no_toc }
{: .no_toc }
We've been informed of a XSS security vulnerability in the Masa CMS administrator.
{: .no_toc }
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
{: .no_toc }
Masa CMS versions 7.2 and 7.3 are affected.
{: .no_toc }
If you’re on Masa CMS 7.2, you should update to version 7.2.3 immediately. This can be done by applying a manual update.
This is a pre-release version of 7.4 including the follow updates:
- updated mura.js to the latest version
- new Button module
- new Info module
- new Media module
- reviewed Form module
- reviewed Image module
- reviewed CTA module
{: .no_toc }
- bug fixes for
- issue 74
- fixes for integration with s3 in File Browser
{: .no_toc }
{: .no_toc }
We've been informed of a XSS security vulnerability in the Masa CMS administrator.
{: .no_toc }
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
{: .no_toc }
Masa CMS versions 7.2 and 7.3 are affected.
{: .no_toc }
If you’re on Masa CMS 7.3, you should update to version 7.3.4 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
{: .no_toc }
- bug fixes for
- issue 75
- JS error when publishing a page with an undefined canonicalurl
- JS error when starting inline editing
{: .no_toc }
{: .no_toc }
- Improved extended attributes UI in the content manager
- Adobe ColdFusion compatibility fixes
- Improve customUI tab labels issue 56
- bug fixes for
{: .no_toc }
- New interface for editing content and components in the Masa CMS Administrator
- New File Browser
- File Browser enabled by default
- Introducing a deprecation warnings module
- Introducing the Masa Scope
- ORM Assembler is now in BETA
- Changed the default theme to MasaBootstrap5
{: .no_toc }
- Old, unused code from Advertisement Manager removed from codebase
- Fixed a tenacious JavaScript console error
- ORM Scaffolder option list and option values list were incorrectly displayed
{: .no_toc }
- Deprecated Mura Scope and tag
- Deprecated Razuna integration
- Deprecated Simple Forms
- Documented deprecations
- Documented deprecations inherited from Mura 7.1
{: .no_toc }
{: .no_toc }
We've been informed of a XSS security vulnerability in the Masa CMS administrator.
{: .no_toc }
Additional protection against XSS attacks is implemented to further secure the Masa CMS administrator.
{: .no_toc }
Masa CMS versions 7.2 and 7.3 are affected.
{: .no_toc }
If you’re on Masa CMS 7.3, you should update to version 7.3.4 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
{: .no_toc }
{: .no_toc }
We’ve been informed of a security vulnerability that allows any user to request files outside the asset folder from the server.
{: .no_toc }
We’ve improved the security around the assets API endpoint that is affected, to validate that the user can only request assets from the assets folder. In the process we’ve also applied restrictions to the asset upload endpoint, so that only logged in editors can upload assets.
{: .no_toc }
Only Masa CMS version 7.2 is affected
{: .no_toc }
If you’re on Masa CMS 7.2, you should update to version 7.2.1 immediately. This can be done by using the “Update Masa CMS Core” option in the menu of the Masa CMS Administrator or by applying a manual update.
{: .no_toc }
- Renamed Mura CMS to Masa CMS
- Replaced Mura CMS logo's with Masa CMS logo's
- Removed Mura CMS contributor agreement
- Removed obsolete Docker config
- Removed CKFinder license
- Bugfixes
{: .no_toc }
- Setting for enabling/disabling File Manager, disabled by default
- New image upload in CKEditor, without using CKFinder