HCL Commerce Version 9.1.8.0

HCL Commerce 9.1.8.1

HCL Commerce 9.1.8.0 was released on October 5, 2021. A fix pack for HCL Commerce 9.1.8.0, HCL Commerce 9.1.8.1 was released on December 23, 2021.

Security updates

HCL Commerce 9.1.8.1 contains the following security-related fixes, in addition to those included within HCL Commerce 9.1.8.0.
Affected software CVE(s) Vulnerability
WebSphere Application Server CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 Multiple vulnerabilities in Apache Log4j 2 affect HCL Commerce
HCL Commerce 9.1.8.0 contains the following security-related fixes.
Affected software CVE(s) Vulnerability
WebSphere Application Server CVE-2021-29736 Privilege Escalation vulnerability in WebSphere Application Server affects HCL Commerce
Apache Ant CVE-2021-36373, CVE-2021-36374 Multiple vulnerabilities in Apache Ant affect HCL Commerce
Apache Tomcat CVE-2021-33037 Vulnerability in Apache Tomcat affects HCL Commerce

Important changes

HCL Commerce 9.1.8.1 contains the following important changes to site features and functionality.

Important: Required changes
  • The 9.1.8.1 fix pack for HCL Commerce 9.1.8.0 includes fixes for all Log4j 2.x security vulnerabilities across the affected HCL Commerce containers. In addition, a standardized selection of fixes for the Elasticsearch-based search solution have been included in the updated Elasticsearch-based search solution containers.

    Upgrade to this fix pack to secure your deployment from this vulnerability, and to receive the latest in fixes and improvements to the Elasticsearch-based solution to continue to receive expedient troubleshooting support from HCL.

    • HCL Commerce Version 9.1.8.0 or laterTo upgrade your HCL Commerce 9.1.8.0 deployments to HCL Commerce 9.1.8.1:
      • For use with Solr-based search, upgrade the following containers to those that are provided with HCL Commerce 9.1.8.1:
        • ts-app
        • ts-utils
      • For use with Elasticsearch-based search, upgrade the following containers to those that are provided with HCL Commerce 9.1.8.1:
        • ts-app
        • ts-utils
        • search-query-app
        • search-nifi-app
        • search-registry-app
        • search-ingest-app
    • To upgrade from a previous HCL Commerce Version 9.1 release to HCL Commerce 9.1.8.1, use the updated 9.1.8.1 containers in combination with the unchanged 9.1.8.0 containers that are still provided with the 9.1.8.1 release.

      Only a selection of containers were updated for the 9.1.8.1 release, and these containers remain compatible with the remaining containers from the original 9.1.8.0 release.

      For more information on the containers used for the 9.1.8.1 release, see HCL Commerce eAssemblies.

  • Upgrading to HCL Commerce 9.1.8.1 with a social network OAuth 2.0 login integration that was configured prior to 9.1.7.0 requires changes to be made for the integration to continue working. No action will result in the integration ceasing to function.

    Learn more...

Feature enhancements

The following features have been introduced in this release. Review the following list to ensure that your site is prepared once this update is applied.

Indicates enhancements inspired by or created by customers and partners, and submitted through the HCL Commerce | Product Portal. Sign up to vote and submit your own ideas!

Search
Natural Language Processing (NLP) profiles
You can use an NLP profile to control the preprocessing flow of search terms before executing an Elasticsearch query. In addition, four new languages have been added to the NLP service.

Learn more...

Ingest upgrade
Upgrading your pipelines to use the latest version of the Ingest API has been made easier. You no longer have to rebuild your connectors to get the latest pipe updates to propagate throughout your Ingest service.

Learn more...

Create your own NiFi processors
Processors perform specific tasks within the NiFi pipeline, such as listening for incoming data, pulling data from external sources, publishing data to external sources, and routing, transforming, or extracting information from flow files. You can create your own custom processor if your IDE can use the Maven plugin.

Learn more...

Query toolkit and API enhancements
Search profiles group sets of search runtime parameters, such as the search index name, search index fields, expression providers, paging, and sorting. You can now add custom fields to your search profiles for Elasticsearch to further extend its capabilities.

Learn more...

Store
Page Composer Widgets
The Page Composer tool allows you to create store pages and assign SEO URLs to them. Page Composer tool has customizable page components such as Widgets, which can be placed within the page layout.

Learn more...

Converting pages to page Composer-enabled pages
All pages created prior to HCL Commerce version 9.1.7.0 can be converted to Page Composer-enabled pages.

Learn more..

Wish list tutorial task
The wishlist is an e-commerce feature that helps you to create a personalized collection of products they want to purchase and save them in their account page. A new tutorial guides you through the entire process of creating, adding, listing or deleting wish list items.

Learn more...

Tools
Assets tool
Managers can use the Assets tool to create, change, and delete files or attachments in support of your marketing campaigns. The tool can be accessed through Management Center.

Learn more...

Performance
Thread monitor
Thread dumps and Javacores are gathered by the Thread Monitor tool at predetermined intervals and during events such as high WebContainer / Default Executor pool thread use.

Learn more...

OneTest performance sample script for B2C store
The ability to mimic concurrent user demand is an important component of performance testing. The Emerald Store - OneTest Performance sample script provides you with a sample project to generate and simulate user traffic against the Emerald (B2C) Store.

Learn more...

Elasticsearch performance tuning guide
You have many options for tuning Elasticsearch, and detailed guides and examples are now provided for you. Everything from indexing to buffers and hardware scaling is covered.

Learn more...

Defect fixes

See HCL Commerce 9.1.8.0 and HCL Commerce 9.1.8.1 in Fixes that are included in HCL Commerce releases for a detailed list of defects that were fixed in this release and its associated fix pack.

Supported companion software

HCL Commerce 9.1.8.1 has been tested with the following companion software.
Commerce Companion software Database Browsers
HCL Commerce Version 9.1.8.1
  • WebSphere Application Server 9.0.5.8 + PH34690 + PH42762
    Note: The PH42762 interim fix is applied within the HCL Commerce 9.1.8.1 release Transaction server Docker container and Utility server Docker container.
  • WebSphere Application Server V8.5.5 Liberty 21.0.0.6
  • IBM SDK, Java Technology Edition, Version 8.0.6.30
  • IBM HTTP Server 9.0.5.8
  • Elasticsearch
    • x86-647.12.0
    • Power7.8.0
  • ZooKeeper
    • x86-643.7.0
    • Power3.6.2
  • Redis 6.2.3
  • NiFi 1.15.1
  • NiFi Registry 0.8.0
  • Solr-based search solution
    • IBM Db2 11.5
    • Oracle 18c
    • Oracle 19c
  • Elasticsearch-based search solution
    • IBM Db2 11.5
    • Oracle 19c
  • Management Center for HCL Commerce
    • Edge 20+
    • Internet Explorer 9+
    • Firefox 39+
    • Chrome 44+
    • Safari 10+
  • React-based storefronts
    • Edge 87+
    • Firefox 84+
    • Chrome 87+
    • Safari 14+
  • Aurora-based storefronts
    • Internet Explorer 20H2+
    • Edge 87+
    • Firefox 84+
    • Chrome 87+
    • Safari 14+