Update doc for 4.6.14 and 3.3.41

docs/update_and_migration/from_3.3/update_from_3.3.md

@@ -440,7 +440,73 @@
 
 ### v3.3.40
 
-A command to deal with duplicated database entries, as reported in [IBX-8562](https://issues.ibexa.co/browse/IBX-8562), will be available soon.
+No additional steps needed.
+
+### v3.3.41
+
+#### Security
+
+This release contains security changes.
+For each of following advisories evaluate the vulnerability to determine whether you might have been affected. 
+If so, take appropriate action, for example by [revoking passwords](https://doc.ibexa.co/en/latest/users/passwords/#revoking-passwords) for all affected users.
+
+You can find the two advisories below:
+
+##### BREACH attack
+
+If you're using Varnish, update the VCL configuration to stop compressing both the [[= product_name =]]'s REST API and JSON responses from your backend.
+Fastly users are not affected.
+
+=== "Varnish on [[= product_name_cloud =]]"
+
+    Update the Varnish configuration.
+
+    Generate new configuration with the following command:
+
+    ```bash
+    composer ibexa:setup --platformsh
+    ```
+
+    Review the changes, merge with your custom settings if needed, and commit them to Git before deployment.
+
+=== "Varnish 6"
+
+    Update your Varnish VCL file to align it with the [`vendor/ezsystems/ezplatform-http-cache/docs/varnish/vcl/varnish5.vcl`](https://github.com/ezsystems/ezplatform-http-cache/blob/2.3/docs/varnish/vcl/varnish5.vcl) file.
+
+=== "Varnish 7"
+
+    Update your Varnish VCL file to align it with the [`vendor/ezsystems/ezplatform-http-cache/docs/varnish/vcl/varnish7.vcl`](https://github.com/ezsystems/ezplatform-http-cache/blob/2.3/docs/varnish/vcl/varnish7.vcl) file.
+    ```
+
+If you're not using a reverse proxy like Varnish or Fastly, adjust the compressed Content Type in the webserver configuration.
+For more information. see the [updated Apache and nginx template configuration](https://github.com/ibexa/post-install/pull/86/files).
+
+For more information about the vulnerability, see the security advisory[TODO: insert link].
+
+##### Outdated version of jQuery in ibexa/ezcommerce-shop package
+
+There are no additional update steps to execute.
+For more information, see the security advisory[TODO: insert link].
+
+#### Other changes
+
+##### Remove duplicated entries in `ezcontentobject_attribute` table
+This release comes with a command to clean up the duplicated entries in the `ezcontentobject_attribute` table, caused by the issue described in [IBX-8562](https://issues.ibexa.co/browse/IBX-8562).
+
+If you're affected you can remove the duplicated entries by running the following command:
+``` bash
+php bin/console ibexa:content:remove-duplicate-fields
+```
+
+!!! caution
+
+    Remember about [**proper database backup**](backup.md) before running the command in the production environment.
+
+You can customize the behavior of the command with the following options:
+
+- `--batch-size` or `-b` - number of attributes affected per iteration. Default value = 10000.
+- `--max-iterations` or `-i` - max. iterations count (default or -1: unlimited). Default value = -1.
+- `--sleep` or `-s` - wait time between iterations, in milliseconds. Default value = 0.
 
 ## Finish the update
 

docs/update_and_migration/from_4.6/update_from_4.6.md

@@ -163,3 +163,68 @@
 - `batch-size` or `b` - number of attributes affected per iteration. Default value = 10000.
 - `max-iterations` or `i` - max. iterations count (default or -1: unlimited). Default value = -1.
 - `sleep` or `s` - wait time between iterations, in milliseconds. Default value = 0.
+
+## v4.6.14
+
+### Security
+
+This release contains security changes.
+For each of following advisories evaluate the vulnerability to determine whether you might have been affected. 
+If so, take appropriate action, for example by [revoking passwords](https://doc.ibexa.co/en/latest/users/passwords/#revoking-passwords) for all affected users.
+
+You can find the three advisories below:
+
+#### BREACH attack
+
+If you're using Varnish, update the VCL configuration to stop compressing both the [[= product_name =]]'s REST API and JSON responses from your backend.
+Fastly users are not affected.
+
+=== "Varnish on [[= product_name_cloud =]]"
+
+    Update Platform.sh configuration and scripts.
+
+    Generate new configuration with the following command:
+
+    ```bash
+    composer ibexa:setup --platformsh
+    ```
+
+    Review the changes, merge with your custom settings if needed, and commit them to Git before deployment.
+
+=== "Varnish 6"
+
+    Update your Varnish VCL file to align it with the [`vendor/ibexa/http-cache/docs/varnish/vcl/varnish6.vcl`](https://github.com/ibexa/http-cache/blob/4.6/docs/varnish/vcl/varnish6.vcl) file.
+
+=== "Varnish 7"
+
+    Update your Varnish VCL file to align it with the [`vendor/ibexa/http-cache/docs/varnish/vcl/varnish7.vcl`](https://github.com/ibexa/http-cache//blob/4.6/docs/varnish/vcl/varnish7.vcl) file.
+    ```
+
+If you're not using a reverse proxy like Varnish or Fastly, adjust the compressed Content Type in the webserver configuration.
+For more information. see the [updated Apache and nginx template configuration](https://github.com/ibexa/post-install/pull/86/files).
+
+For more information, see the security advisory[TODO: insert link].
+
+#### XSS in Content name pattern
+
+There are no additional update steps to execute.
+For more information, see the security advisory[TODO: insert link].
+
+#### Outdated version of jQuery in ibexa/ezcommerce-shop package
+
+Only users of the [old Commerce solution](update_from_4.3_old_commerce.md) are affected.
+There are no additional update steps to execute.
+For more information, see the security advisory[TODO: insert link].
+
+#### Other changes
+
+#### Disable translations of identifiers in Product Catalog's categories
+
+The possibility of translating identifiers and parent information for the Categories in Product Catalog might lead to data consistency issues.
+
+Disable it by running the following migration:
+
+``` bash
+php bin/console ibexa:migrations:import vendor/ibexa/product-catalog/src/bundle/Resources/migrations/2024_07_25_07_00_non_translatable_product_categories.yaml --name=2024_07_25_07_00_non_translatable_product_categories.yaml
+php bin/console ibexa:migrations:migrate --file=2024_07_25_07_00_non_translatable_product_categories.yaml
+```

mkdocs.yml

@@ -923,14 +923,14 @@ extra:
 
   # Global variables - latest tag versions
   latest_tag_2_5: '2.5.32'
-  latest_tag_3_3: '3.3.40'
+  latest_tag_3_3: '3.3.41'
   latest_tag_4_0: '4.0.8'
   latest_tag_4_1: '4.1.5'
   latest_tag_4_2: '4.2.4'
   latest_tag_4_3: '4.3.5'
   latest_tag_4_4: '4.4.4'
   latest_tag_4_5: '4.5.7'
-  latest_tag_4_6: '4.6.13'
+  latest_tag_4_6: '4.6.14'
 
   symfony_doc: 'https://symfony.com/doc/5.4'
   user_doc: 'https://doc.ibexa.co/projects/userguide/en/master'