Magnolia 5.7 reached extended end of life on May 31, 2022. Support for this branch is limited, see End-of-life policy. Please note that to cover the extra maintenance effort, this EEoL period is a paid extension in the life of the branch. Customers who opt for the extended maintenance will need a new license key to run future versions of Magnolia 5.7. If you have any questions or to subscribe to the extended maintenance, please get in touch with your local contact at Magnolia.
Magnolia CORE 5.7.13 is a bug-fixing and security release that delivers the following:
Third-party library updates
This release comes with the following third-party library updates to fix some security and compatibility issues:
- Gson updated to 2.8.9 (BUILD-585).
- Tomcat updated to 9.0.54 (MGNLTOMCAT-20).
- Vaadin updated to 8.14.1 (BUILD-567).
We now validate login CSRF tokens with HMAC. The new
HmacCsrfToken strategy generates an HMAC CSRF token that expires after a configurable interval. The previous
RandomCsrfToken strategy is now deprecated.
MAGNOLIA-8239 (restricted access)
See the 5.7.13 changelog for all the changes.
- Barebones Tomcat Bundle 1.1.7
- Community Edition 5.7.13
- Content Editor 1.2.1
- Enterprise Edition 5.7.13
- Magnolia 5.7.13
- Pages 5.7.2
- Personalization 1.6.4
- Publishing 1.1.13
- Third-party library BOM 5.7.13
- UI 5.7.13
The Magnolia team would also like to thank everyone who reported issues, contributed patches or simply commented on issues for this release. Your continued interest helps us make Magnolia better. Special thanks go to Alberto Ramirez and Ioannis Spyronis.