Recent Java updates 1.7.0_85 and 1.8.0_85 fixed a vulnerability in HTTP request headers. Java now performs strict checking of characters sent in the HTTP header. The semicolon character ":" which Magnolia uses in publishing is no longer allowed. We have adapted Magnolia code to accommodate the change. The fix ships with Magnolia 5.4.3 and Magnolia 5.3.12. (5.3.12 is now out - announcement coming soon!)
If you cannot publish content or a client reports this issue to you, please check if automatic Java updates are enabled on the system. It is possible that the system got updated to the latest Java version automatically before your Magnolia installation was ready. You can either roll back the Java update or update to Magnolia 5.4.3 or 5.3.12 now. We advise all clients who plan to update to the latest Java maintenance release to first update their Magnolia installations. More details: https://documentation.magnolia-cms.com/display/DOCS/Release+notes+for+Magnolia+5.4.3#ReleasenotesforMagnolia5.4.3-PublicationwithJavaupdates1.7.0_85and1.8.0_65 -- Context is everything: http://forum.magnolia-cms.com/forum/thread.html?threadId=e998529a-99c3-486a-a0ec-a05f3de66bc6 ---------------------------------------------------------------- For list details, see http://www.magnolia-cms.com/community/mailing-lists.html Alternatively, use our forums: http://forum.magnolia-cms.com/ To unsubscribe, E-mail to: <user-list-unsubscr...@magnolia-cms.com> ----------------------------------------------------------------
