Skip to content

release 2.4.9.4
Compare
Choose a tag to compare
@zandbelt zandbelt released this 03 Sep 08:46
· 574 commits to master since this release
v2.4.9.4
03e6bfb

Security

  • prevent open redirect by applying OIDCRedirectURLsAllowed setting to target_link_uri; closes #672; thanks @Meheni

Bugfixes

  • don't apply authz in discovery process; fixes step up authentication when combined with Discovery

Dependencies

  • libcjose >= 0.5.1

Commercial

  • binary packages for various other platforms such as Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7/8 on Power PC (ppc64, ppc64le), Oracle Linux 6/7, older Ubuntu and Debian distro's, Oracle HTTP Server 11.1/12.1/12.2, IBM HTTP Server 8/9, Mac OS X and Microsoft Windows 64bit/32bit are available under a commercial agreement via [email protected]
  • support for Redis over TLS, Redis (TLS) Sentinel, and Redis (TLS) Cluster is available under a commercial license via [email protected]

Contributors

Meheni
Assets 7
Loading