Bloomreach Experience Manager V14.7.9 Release Notes

Sept 21, 2022

The new maintenance release of 14.7.9 is available for general use for our customers and partners. This release includes improvements in community and enterprise artifacts.

We encourage all projects to update to the most recent regular releases. Using a tagged artifact that is not yet part of a release should only be done if there is a specific reason and only after testing in your specific project setup.

Update considerations

The following 3rd party dependencies have changed since the previous maintenance release. If your project directly uses any of these libraries, please validate compatibility. For more information on changes in these  libraries please see information from the invidual vendors.

Note 2 special cases:

  1. ehcache was replaced with a custom package containing the same artifacts as version 2.10.6, but excluding the "shaded" transitive dependencies. Those transitive dependencies were unused by our product, but they were generating false positive security warnings in automated vulnerability scans.
  2. h2 was removed as a normal dependency of the product. This in-memory database was already deprecated for use on servers, where it is vulnerable to several security exploits. It is now used only for local development and testing. Please check your projects for any other usage of h2 that may be vulnerable.

 

Module 14.7.8 14.7.9
com.fasterxml.jackson.jaxrs/jackson-jaxrs-json-provider 2.13.3 2.13.4
com.fasterxml.jackson.jaxrs/jackson-jaxrs-base 2.13.3 2.13.4
com.fasterxml.jackson.core/jackson-core 2.1.3 2.13.4
com.fasterxml.jackson.core/jackson-databind 2.13.3 2.13.4
com.fasterxml.jackson.module/jackson-module-jaxb-annotations 2.13.3 2.13.4
com.fasterxml.jackson.core/jackson-annotations 2.13.3 2.13.4
org.springframework/spring-context 5.3.20 5.3.22
org.springframework/spring-aop 5.3.20 5.3.22
org.springframework/spring-beans 5.3.20 5.3.22
org.springframework/spring-core 5.3.20 5.3.22
org.springframework/spring-jcl 5.3.20 5.3.22
org.springframework/spring-expression 5.3.20 5.3.22
org.eclipse.jetty/jetty-server 9.4.43.v20210629 9.4.47.v20220610
org.eclipse.jetty/jetty-util 9.4.43.v20210629 9.4.47.v20220610
org.eclipse.jetty/jetty-io 9.4.43.v20210629 9.4.47.v20220610
org.eclipse.jetty/jetty-security 9.4.43.v20210629 9.4.47.v20220610
org.eclipse.jetty/jetty-continuation 9.4.43.v20210629 9.4.47.v20220610
org.eclipse.jetty/jetty-http 9.4.43.v20210629 9.4.47.v20220610
org.apache.tika/tika-core 1.28.3 1.28.4
org.apache.tika/tika-parsers 1.28.3 1.28.4
org.freemarker/freemarker 2.3.28 2.3.30
org.springframework/spring-context-support 5.3.20 5.3.22
org.springframework/spring-web 5.3.20 5.3.22
com.fasterxml.jackson.datatype/jackson-datatype-json-org 2.13.3 2.13.4
com.google.apis/google-api-services-analytics v3-rev116-1.20.0 v3-rev20190807-2.0.0
com.google.api-client/google-api-client 1.20.0 2.0.0
com.google.oauth-client/google-oauth-client 1.20.0 1.34.1
com.google.http-client/google-http-client 1.20.0 1.42.1
org.springframework.boot/spring-boot 2.5.14 2.6.10
org.springframework.boot/spring-boot-starter-jdbc 2.5.14 2.6.10
org.springframework.boot/spring-boot-starter 2.5.14 2.6.10
org.springframework.boot/spring-boot-autoconfigure 2.5.14 2.6.10
org.yaml/snakeyaml 1.30 1.29
org.springframework/spring-jdbc 5.3.20 5.3.22
org.springframework/spring-tx 5.3.20 5.3.22
org.springframework.security/spring-security-config 5.6.5 5.6.7
org.springframework.security/spring-security-core 5.6.5 5.6.7
org.springframework.security/spring-security-crypto 5.6.5 5.6.7
org.springframework.boot/spring-boot-starter-web 2.5.14 2.6.10
org.springframework.boot/spring-boot-starter-json 2.5.14 2.6.10
com.fasterxml.jackson.datatype/jackson-datatype-jdk8 2.12.6 2.13.3
com.fasterxml.jackson.datatype/jackson-datatype-jsr310 2.12.6 2.13.3
com.fasterxml.jackson.module/jackson-module-parameter-names 2.12.6 2.13.3
org.springframework/spring-webmvc 5.3.20 5.3.22
com.fasterxml.jackson.dataformat/jackson-dataformat-yaml 2.13.3 2.13.4
org.springframework/spring-oxm 5.3.20 5.3.22
org.springframework.security/spring-security-web 5.6.5 5.6.7
org.jsoup/jsoup 1.14.2 1.15.3
org.apache.maven/maven-plugin-api 3.8.1 3.8.2
org.apache.maven/maven-artifact 3.8.1 3.8.2
org.apache.maven/maven-model 3.8.1 3.8.2
org.webjars/swagger-ui 3.26.0 4.2.1
org.springframework.integration/spring-integration-ftp 5.5.12 5.5.14
org.springframework.integration/spring-integration-file 5.5.12 5.5.14
org.springframework.integration/spring-integration-core 5.5.12 5.5.14
org.springframework/spring-messaging 5.3.20 5.3.22
io.projectreactor/reactor-core 3.4.16 3.4.21
org.reactivestreams/reactive-streams 1.0.3 1.0.4
org.springframework.integration/spring-integration-sftp 5.5.12 5.5.14
org.springframework.security/spring-security-taglibs 5.6.5 5.6.7
org.springframework.security/spring-security-acl 5.6.5 5.6.7

Removed com.h2database/h2 1.4.200
Removed net.sf.ehcache/ehcache 2.10.6
Removed com.google.http-client/google-http-client-jackson2 1.20.0
Removed com.google.code.findbugs/jsr305 1.3.9
Added com.google.http-client/google-http-client-gson 1.42.1
Added com.google.code.gson/gson 2.9.0
Added com.google.http-client/google-http-client-apache-v2 1.42.1
Added org.apache.httpcomponents/httpcore 4.4.15
Added io.opencensus/opencensus-api 0.31.1
Added io.grpc/grpc-context 1.27.2
Added io.opencensus/opencensus-contrib-http-util 0.31.1
Added org.apache.maven/maven-core 3.8.2
Added org.apache.maven/maven-settings 3.8.2
Added org.apache.maven/maven-settings-builder 3.8.2
Added org.apache.maven/maven-builder-support 3.8.2
Added org.apache.maven/maven-repository-metadata 3.8.2
Added org.apache.maven/maven-model-builder 3.8.2
Added org.apache.maven/maven-resolver-provider 3.8.2
Added org.apache.maven.resolver/maven-resolver-impl 1.6.3
Added org.apache.maven.resolver/maven-resolver-api 1.6.3
Added org.apache.maven.resolver/maven-resolver-spi 1.6.3
Added org.apache.maven.resolver/maven-resolver-util 1.6.3
Added org.apache.maven.shared/maven-shared-utils 3.3.4
Added com.google.inject/guice 4.2.2

Overview of JIRA issues closed in Bloomreach Experience 14.7.9

Improvement

  • ENT-5795 ] - [site-toolkit, caching]  Replace ehcache with repackaged version
  • ENT-5712 ] - [cms]  When redirecting for single-sign on between cms and delivery validate the host to redirect to
  • CMS-15148 ] - [repository] Tackle Performance problems associated with the instantiation of new sessions

Bug

  • ENT-5254 ] - [targeting]  [Backport 14.7] Limit ES memory
  • CMS-15151 ] - [navigation-application] [PaaS backport] The bloomreach logo is out of proportion in the navapp
  • CMS-15147 ] - [5 modules] Moment vulnerability
  • CMS-15135 ] - [translations] Corrections in German translation
  • CMS-15128 ] - [channel-manager, repository] Error while editing a document in the Experience Manager
  • CMS-15102 ] - [essentials] Regression: Essentials' Taxonomy plugin doesn't show 'Already used taxonomies'
  • CMS-14994 ] - [taxonomy] Taxonomy on compound level doesn't recognize document locale
  • CMS-14859 ] - [site-toolkit] Warning logs from DynamicBeanDefinitionService

Task

  • ENT-5828 ] - [accelerator-b2c]  Upgrade Angular version used in commerce pickers in 14.7
  • CMS-15166 ] - [repository] Update eclipse jetty dependency
  • CMS-15164 ] - [13 modules] Remove h2 runtime dependency
  • CMS-15162 ] - [project] Udate jackson dependencies to the latest version
  • CMS-15160 ] - [21 modules] Bump library versions
  • CMS-15157 ] - [project] Update freemarker to the latest version
  • CMS-15133 ] - [navigation-application, translations] [Backport] Add navigation menu item for "Setup -> Usage"
  • CMS-14965 ] - [project, hap] Change the HAP and pom file after changes in SPA SDK

 

Totals for issues in this release

  • Improvements 3
  • Bugs 8
  • Tasks 8
Did you find this page helpful?
How could this documentation serve you better?
On this page
    Did you find this page helpful?
    How could this documentation serve you better?

    We rely on cookies

    to optimize our communication and to enhance your customer experience. By clicking on the Accept and Close button, you agree to the collection of cookies. You can also adjust your preferences by clicking on Manage Preferences. For more information please see our Privacy policy.

    Manage cookies
    Accept & close

    Cookies preferences

    Accept & close
    Back