Releases: OpenIdentityPlatform/OpenAM
Releases · OpenIdentityPlatform/OpenAM
15.1.6
What's Changed
- [#859] Drop Oracle Directory Server Enterprise Edition support as configuration datastore by @maximthomas in #861
- [#859] Warn and continue loading LDIF schemas on install by @maximthomas in #860
- Add support Java SE 24 by @vharseko in #857
- Bump org.openidentityplatform.opendj to 4.9.4 by @vharseko in #854
- Add integration test with OpenDJ Docker container by @maximthomas in #863
- Update documentation formatting by @maximthomas in #867
Full Changelog: 15.1.5...15.1.6
Contributors
vharseko and maximthomas
Assets 11
15.1.5
What's Changed
- CVE-2025-27497 Fix Denial of Service (Dos) using alias loop by @vharseko in #843
- CVE-2025-26791 Bump dompurify and swagger-ui in /openam-ui/openam-ui-api by @dependabot in #856
- Fail fast when updating OpenDJ schema on OpenAM setup by @maximthomas in #849
- Add RemoteIpValve to the server.xml in Docker image by @maximthomas in #850 thanks @AndressRod
- [#845] Setup with embedded DJ may crash by @vharseko in #853 thanks @YinHangCode
- [#848] Fix OAuth2 error when use Connection: close header by @maximthomas in #855 thanks @AndressRod
- Docs: disable timestamp in javadoc by @maximthomas in #842
- Change github action distribution temurin->zulu by @vharseko in #841
- Bump @babel/runtime from 7.24.5 to 7.26.10 in /openam-ui/openam-ui-api by @dependabot in #847
- Bump axios from 1.7.7 to 1.8.3 in /openam-ui/openam-ui-api by @dependabot in #851
- Bump @babel/runtime-corejs3 from 7.25.6 to 7.26.10 in /openam-ui/openam-ui-api by @dependabot in #852
Full Changelog: 15.1.4...15.1.5
Contributors
vharseko, maximthomas, and 3 other contributors
Assets 11
15.1.4
What's Changed
- Migrate form PhantomJS to Chrome to fix UI test crash in Ubuntu by @maximthomas in #829
- Use generic authenticator app for push by @maximthomas in #830
- Update documentation & fix issues by @maximthomas in #831
- Bump org.apache.cassandra:cassandra-all from 4.0.11 to 4.0.16 in /openam-cassandra by @dependabot in #833
- Bump opendj.version 4.9.2 by @vharseko in #832
- Documentation update by @maximthomas in #834
- [#836] Docs: add access to the encapsulated java classes for Java 11 and above by @maximthomas in #837
- Docs: Drop JDK 7 support and remove MetaspaceSize options by @maximthomas in #838
- Bump netty to 4.1.118.Final by @maximthomas in #839
Full Changelog: 15.1.3...15.1.4
Contributors
vharseko, maximthomas, and dependabot
Assets 11
15.1.3
What's Changed
- Set 'Build Javadoc' step in the deploy workflow optional by @maximthomas in #812
- Update VK, OK OAuth 2.0 providers, added mail.ru OAuth 2.0 provider by @maximthomas in #813
- Bump org.owasp.esapi:esapi from 2.5.3.1 to 2.6.0.0 by @dependabot in #814
- Change validation of OIDC token issuer to support parameterized queries by @sp193 in #818
Full Changelog: 15.1.2...15.1.3
Contributors
sp193, maximthomas, and dependabot
Assets 11
15.1.2
What's Changed
- CVE-2024-47535 Denial of Service attack on windows app using netty by @maximthomas in #808
- FIX java.base/sun.security.krb5 -> java.security.jgss/sun.security.krb5 by @vharseko in #803 thanks @FireBurn
- Bump cookie and swagger-client in /openam-ui/openam-ui-api by @dependabot in #807
- Bump opendj.version 4.8.2 by @vharseko in #806
- Fix documents deploy error by @maximthomas in #805
- [#810] Publish javadoc to the documentation site by @maximthomas in #811
Full Changelog: 15.1.1...15.1.2
Contributors
FireBurn, vharseko, and 2 other contributors
Assets 11
15.1.1
What's Changed
- CVE-2024-47554 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader by @dependabot in #799
- [#790] FIX OAuth2 realm config - updating 'scopes supported' requires a restart by @vharseko in #791
- [#795] REST APIs after upgrade use Oldest API Version without header by @vharseko in #797
- Bump org.openidentityplatform.opendj 4.8.1 by @vharseko in #796
- Bump body-parser from 1.20.2 to 1.20.3 in /openam-ui/openam-ui-ria by @dependabot in #792
- Bump dompurify and swagger-ui in /openam-ui/openam-ui-api by @dependabot in #794
- Bump cookie and socket.io in /openam-ui/openam-ui-ria by @dependabot in #802
- Add JDK 23 build support by @vharseko in #800
- ADD maven-compiler-plugin release for cross compile compatibility by @vharseko in #801
- Docs in asciidoc & deploy antora docs after build by @maximthomas in #793
- Add missing resources & fix documentation links by @maximthomas in #798
Full Changelog: 15.1.0...15.1.1
Contributors
vharseko, maximthomas, and dependabot
Assets 11
15.1.0
What's Changed
- Publish docs to https://doc.openidentityplatform.org by @maximthomas in #783
- Bump requirejs from 2.3.2 to 2.3.7 in /openam-ui/openam-ui-ria by @dependabot in #785
- ADD JDK 22 support by @vharseko in #787
- Bump axios from 1.6.8 to 1.7.5 in /openam-ui/openam-ui-api by @dependabot in #789
- Switch docker to last LTS JRE 21 by @vharseko in #788
- Bump org.openidentityplatform.opendj 4.8.0 by @vharseko in #786
Full Changelog: 15.0.4...15.1.0
Contributors
vharseko, maximthomas, and dependabot
Assets 11
15.0.4
What's Changed
- CVE-2024-41667 OpenAM FreeMarker template injection by @maximthomas in GHSA-7726-43hg-m23v (thanks @AfterSnows)
- Bump nexus-staging-maven-plugin 1.7.0 by @vharseko in #781
- Bump ajv from 4.11.8 to 8.17.1 in /openam-ui/openam-ui-ria by @dependabot in #782
Full Changelog: 15.0.3...15.0.4
Contributors
vharseko, maximthomas, and 2 other contributors
Assets 11
15.0.3
What's Changed
- compress webhelp, xhtml and html docs after build by @maximthomas in #771
- build docs on GitHub build by @maximthomas in #772
- Update README.md by @vharseko in #773
- Stabilize UI tests on Mac by @maximthomas in #774
- Update README.md by @vharseko in #775
- Fix man pages build profile by @maximthomas in #778
- Bump opendj.version to 4.6.5 (fix upgrade error from OpenAM 13.x with embedded OpenDJ 3.x) by @vharseko in #777
Full Changelog: 15.0.2...15.0.3
Contributors
vharseko and maximthomas
Assets 11
15.0.2
What's Changed
- Bump ws, engine.io and socket.io-adapter in /openam-ui/openam-ui-ria by @dependabot in #761
- Bump braces from 3.0.2 to 3.0.3 in /openam-ui/openam-ui-api by @dependabot in #762
- Restore docs from community repository by @maximthomas in #764
- build documentation from source by @maximthomas in #765
- Bump braces from 3.0.2 to 3.0.3 in /openam-ui/openam-ui-ria by @dependabot in #766
- Fix docs wiki publish on release and deploy by @maximthomas in #767
- Bump opendj.version 4.6.4 by @vharseko in #768
- build man-pages on "Publish to the Maven Central Repository" step by @maximthomas in #769
- CVE-2020-36604 CVE-2019-10790 CVE-2022-0144 CVE-2018-3728 CVE-2024-29025 CVE-2023-26136 CVE-2020-15366 update vulnerable libraries by @maximthomas in #770
Full Changelog: 15.0.1...15.0.2
Contributors
vharseko, maximthomas, and dependabot