# Entando 6.2.0 Release Notes
# New Features and Major Fixes
Initial support for deployment on Google GKE, Azure AKS, and Amazon EKS.
k3s 1.8.X is now the official choice for developer installations
The only fully supported and tested production database is PostgreSQL at the moment
Entando now fully relies on Keycloak for identity management. The previous native authentication is no longer supported.
- Fixed CSRF vulnerability discovered in 6.1
Support for embedded databases (derby)
Now capable to reuse existing external databases created by a previous installation
Reduced the memory footprint and improved the startup times
Documented two workarounds for the IP change issue, e.g. an Entando quickstart installation fails to restart when the IP of the VM changes. A more structured solution will come with the next release.
# Entando Component Repository (ECR)
ECR now relies only on GIT repositories for the distribution of bundles
Enabled support for bundles with multiple versions
Reliability improvements in the installation/uninstallation process, e.g. ability to install/uninstall a specific bundle version
Fixes and improvements to the web interface
Updated documentation, e.g. common use cases, uninstall flow, CRDs, ingresses and a troubleshooting guide
Temporarily disabled support for Pages in bundles (introduced with 6.1) due to problems during uninstallation
Added full support for composite CMS attributes
# Entando App Builder
Fixed the role-based UX so the UI properly accounts for the current user role.
UX improvements and nomenclature updates
Reliability improvements and rationalization in several areas, e.g. user management, page design, content management, asset management, error messaging
Essential plugins are now part of the base distribution, e.g. SEO, Content Versioning, Content Workflow, Content Scheduler, email.
A new React-based UX was implemented for SEO and Content Versioning
Included a set of additional default widgets, content types, content templates, and page templates
# Entando Component Generator
Improved Microsoft Windows Support (specifically Windows 10 Professional)
Support for the Italian Locale
Added ability to skip MFE generation
Completed support for all possible field types of an entity
Added support for entity deletion
Added support for missing attribute types
Fixed support for complex attribute configurations
Several fixes in code generation and build
# Key Open Issues
# Keycloak RCE
- The keycloak version used by Entando has a security vulnerability - https://github.com/keycloak/keycloak/pull/7138. This issue has been fixed in the latest version of keycloak and will be included in the next version of Entando. This vulnerability can only be exploited if you have a way to obtain a valid token, e.g. via a valid username/password.
# Other Open Issues
- Support for older versions of Oracle is not yet complete
Tutorialshave been updated to reflect 6.2 but some work remains
Entando App Builder
- There are a few visual issues with the redesigned UX/UI
- The user is unable to set their personal profile data from the
Content - Assets, deleting a duplicate image results in the removal of the original image
Content - Management, some built-in content types will not function correctly if
Content Template = Default. Users will need to explicitly select the Content Template.
Entando Component Generator
- Lack of support for generation of microservices with no backend
- Support of old versions of Oracle not complete yet
# Previous Releases
Please see the
Versions list in the main navigation menu above to access documentation and release notes for previous versions of Entando.