Kiwi TCMS 14.2

We're happy to announce Kiwi TCMS version 14.2!

IMPORTANT:

This is a minor version release which includes security related updates, several improvements and new translations.

Recommended upgrade path:

14.1 -> 14.2

You can explore everything at https://public.tenant.kiwitcms.org!

---

Public container image (x86_64):
pub.kiwitcms.eu/kiwitcms/kiwi   latest  141ce95a4323    677MB

IMPORTANT: version tagged and multi-arch container images are available only to subscribers!

Changes since Kiwi TCMS 14.1

Security

Update Django from 5.1.7 to 5.1.8 addressing a moderate severity denial-of-service vulnerability, CVE-2025-27556, which may be affecting Kiwi TCMS instances running natively on Windows

Improvements

Update django-attachments from 1.11 to 1.12
Update django-colorfield from 0.12.0 to 0.13.0
Update django-extensions from 3.2.3 to 4.1
Update markdown from 3.7 to 3.8
Update psycopg from 3.2.5 to 3.2.6
Update tzdata from 2025.1 to 2025.2
Update uwsgi from 2.0.28 to 2.0.29
On Execution Dashboard page add Product & Components columns (Oskar Hurst, USACE)
Remove duplicate IDs to minimize size of SQL WHERE clause for API calls on Execution Dashboard page
Remove code which was generating /Kiwi/uploads/installation-id. This file was never used and is not needed

Refactoring and testing

Update node_modules/webpack from 5.98.0 to 5.99.6
Update fedora from 41 to 42 in tests/bugzilla/Dockerfile
Pin the version of Locust to avoid accidental failures
Replace custom function with django.utils

Translations

Updated Korean translation
Updates Ukrainian translation

Kiwi TCMS Enterprise v14.2-mt

Based on Kiwi TCMS v14.2
Update certbot-* from 3.2.0 to 4.0.0
Update kiwitcms-github-app from 2.0.1 to 2.1.0
Update kiwitcms-tenants from 4.0.0 to 4.1.0
Update sentry-sdk from 2.22.0 to 2.26.1
Add django-storages[s3] as a dependency
Add psycopg-pool as a dependency
Add a show_version command for manage.py
Allow additional script-src for Content-Security-Policy header to be specified via the NGX_CSP_SCRIPT_SRC environment variable
Workaround missing wheel packages for xmlsec v1.3.15, see https://github.com/xmlsec/python-xmlsec/issues/344
Pin xmlsec to v1.3.14

Private container images

hub.kiwitcms.eu/kiwitcms/version            14.2 (aarch64)          77cd9ccde9f6    23 Apr 2025     692MB
hub.kiwitcms.eu/kiwitcms/version            14.2 (x86_64)           24c27dafcd26    23 Apr 2025     677MB
hub.kiwitcms.eu/kiwitcms/enterprise         14.2-mt (aarch64)       fd7113a910c1    23 Apr 2025     1.06GB
hub.kiwitcms.eu/kiwitcms/enterprise         14.2-mt (x86_64)        e3f1f25186de    23 Apr 2025     1.04GB

IMPORTANT: version tagged, multi-arch and Enterprise container images are available only to subscribers!

How to upgrade

Backup first! Then follow the Upgrading instructions from our documentation.

Happy testing!

---

If you like what we're doing and how Kiwi TCMS supports various communities please help us grow!

Give ⭐ on GitHub;
Give 👍 on GitLab;
Join our newsletter and follow all project news;
Become a contributor and an awesome open source hacker;
Become a subscriber and help us sustain development