Product Updates

Search the FirstSpirit Knowledge Base

FirstSpirit 2024.3 (5.2.240312) is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

The release notes are attached to this post and available via https://docs.crownpeak.com/.
To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 1,135

Dates, agenda and registration

0 4 1,437

The release notes for this build are available online at

EN Release Notes

and

DE Release Notes

0 0 394

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-sap-headless/24.2.0/FS_Connect_SAP_hl_Releasenotes_DE.html

and

https://docs.e-spirit.com/ecom/fsconnect-sap-headless/24.2.0/FS_Connect_SAP_hl_Releasenotes_EN.html

0 0 392

FirstSpirit 2024.2 (5.2.240208) is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

The release notes are attached to this post and available via https://docs.e-spirit.com/ .
To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 1,052

The release notes for this build are available online at

EN Release Notes

and

DE Release Notes

0 0 358

The release notes for this build are available online at

EN Release Notes

and

DE Release Notes

0 0 504

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-sap/24.1.0/releasenotes/FirstSpirit_Connect_SAP_Releasenote...

and

https://docs.e-spirit.com/ecom/fsconnect-sap/22.2.0/releasenotes/FirstSpirit_Connect_SAP_Releasenote...

The new version is available for download through our Technical Support.

0 0 378

Due to a caching issue in the URL registry, a hotfix build 5.2.240111 was created.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 846

Happy New Year all, wishing you all health & happiness in 2024!

We start with the first release this year.

FirstSpirit 2024.1 (5.2.240110) is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

The release notes are attached to this post and available via https://docs.e-spirit.com/ .
To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 1,219

The release notes for this build are available online at

EN Release Notes

and

DE Release Notes

0 0 499

The release notes for this build are available online at

EN Release Notes

and

DE Release Notes

0 0 530

Watch the recordings of the Product Office Hours here

0 0 490

FirstSpirit 2023.13 is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

The release notes are attached to this post and available via https://docs.e-spirit.com/ .
To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 1,109

The release notes for this build are available online at

EN Release Notes

and

DE Release Notes

0 0 449

The next FirstSpirit Product Office Hours are coming up – find details here

0 0 505

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-com/23.11.2/FirstSpirit_Connect_for_Commerce_Releasenotes_E...

and

https://docs.e-spirit.com/ecom/fsconnect-com/23.11.2/FirstSpirit_Connect_for_Commerce_Releasenotes_D...

0 0 451

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-com/23.11.1/FirstSpirit_Connect_for_Commerce_Releasenotes_E...

and

https://docs.e-spirit.com/ecom/fsconnect-com/23.11.1/FirstSpirit_Connect_for_Commerce_Releasenotes_D...

0 0 450

FirstSpirit 2023.12 is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

The release notes are attached to this post and available via https://docs.e-spirit.com/ .
To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 1,098

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-com/23.11.0/FirstSpirit_Connect_for_Commerce_Releasenotes_E...

and

https://docs.e-spirit.com/ecom/fsconnect-com/23.11.0/FirstSpirit_Connect_for_Commerce_Releasenotes_D...

0 0 510

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-com/23.10.1/FirstSpirit_Connect_for_Commerce_Releasenotes_EN.html

and

https://docs.e-spirit.com/ecom/fsconnect-com/23.10.1/FirstSpirit_Connect_for_Commerce_Releasenotes_DE.html

0 0 512

FirstSpirit 2023.11 is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

The release notes are attached to this post and available via https://docs.e-spirit.com/ .
To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 1,165

Watch the recordings of the AI Webinar for FirstSpirit here

0 0 719

Download the documentation for FirstSpirit's DQM Connect functionality and see the intro video here

0 0 855

The release notes for this build are available online at

https://docs.e-spirit.com/ecom/fsconnect-com/23.10.0/FirstSpirit_Connect_for_Commerce_Releasenotes_EN.html

and

https://docs.e-spirit.com/ecom/fsconnect-com/23.10.0/FirstSpirit_Connect_for_Commerce_Releasenotes_DE.html

0 0 584

FirstSpirit Hotfix-Builds 5.2.230817 (Non-Jakarta) and 5.2.231010 (Jakarta) contain a further security fix for CVE-2023-4863 (Heap Buffer Overflow in WebP):

JxBrowser update to the version 7.35.1 (is used in the integrated preview in the SiteArchitect)

The vulnerability is classified as critical. Crownpeak therefore recommends a prompt update to a secured FirstSpirit version.

A “heap buffer overflow” in WebP allowed a remote attacker to perform an out-of-bounds memory-write, and thus possibly inject malicious code. A manipulated WebP image can therefor lead to code injection.

FirstSpirit versions since 2019.11 are affected.

How can the vulnerability be exploited?

An editor adds a manipulated WebP image to a project.
An editor opens an (external) website containing a manipulated WebP in the integrated preview.

What do you have to do?

(Server) Update to 5.2.230817 / 5.2.231010
(Client) Update the local browsers

Mitigation without FS Update

(Server) Prevent uploading of WebP (set appropriate restrictions in the project) or
(Server) Configure WebP as media type file
(Client) Disable the integrated preview in SA (JxBrowser)
(Client) Update the local browsers

New FirstSpirit versions are available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 3 1,260

Current link to the FirstSpirit User Management

0 0 1,081

Upcoming webinars on AI Functionality in FirstSpirit – register here

0 0 613

FirstSpirit 2023.10 is the latest release of FirstSpirit and contains bugfixes as well as new functionality.

Important note regarding CVE-2023-4863 (Heap Buffer Overflow in WebP)

The vulnerability is classified as critical. Crownpeak therefore recommends a prompt update to a secured FirstSpirit version:

latest 2023.8 hotfix build 5.2.2308013 (Non-Jakarta) or
2023.10 (Jakarta)

Due to CVE-2023-4863, the WebP library used by FirstSpirit has been updated.

Important note regarding migration to Jakarta EE 6.0

In contrast to the phased rollout for cloud customers, on-premises customers are able to test and migrate the FirstSpirit servers once version 2023.9 or 2023.10 has been released.

However, we strongly recommend to wait with the update of productive servers at least until release 2023.11 since we aim to guarantee the compatibility for modules provided by Crownpeak with that release.

The release notes are attached to this post and available via https://docs.e-spirit.com/ .

To learn more about our release management in general please see our Release Management FAQ.

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 2 2,153

The FirstSpirit Hotfix-Build 5.2.230813 contains a security fix for CVE-2023-4863 (Heap Buffer Overflow in WebP).

The vulnerability is classified as critical. Crownpeak therefore recommends a prompt update to a secured FirstSpirit version.

Due to CVE-2023-4863, the WebP library used by FirstSpirit has been updated to a version based on libwebp version 1.3.2.

FirstSpirit versions since 2019.11 are affected.

How can the vulnerability be exploited?

An editor adds a manipulated WebP image to a project.

What do you have to do?

(Server) Update to 5.2.230813
(Client) Disable the integrated preview in SA (JxBrowser)
(Client) Update the local browsers

Mitigation without FS Update

(Server) Prevent uploading of WebP (set appropriate restrictions in the project) or
(Server) Configure WebP as media type file
(Client) Disable the integrated preview in SA (JxBrowser)
(Client) Update the local browsers

The new FirstSpirit version is available for download.

You need a personal login to access the download folder. Please contact our Technical Support if you do not have a personal login.

0 0 763