LemonLDAP::NG 1.9.19 is out!
This is a minor release for LemonLDAP::NG 1.9 with some bugfixes and enhancements but also important security fixes:
- [Security: low] register_token used for account creation can be used as a valid session identifier
- [Security: low] Captcha session id is too weak
- [Handler] InactivityTimeout for applications don't work
- [SAML] All IDP conf not usable if only one IDP misconfigured
- [OIDC] id_token validity not correctly evaluated
- [Common] lemonldap-ng-cli adds a new item when deleting an item that does not exist
- [Common] Error when saving in manager (mongoDB as ConfigurationBackend)
The full changelog can be seen here: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/milestones/59
Download: https://release.ow2.org/lemonldap/
Note that 1.9 is the old stable version, you are encouraged to migrate your installation to 2.0 version, following this documentation: https://lemonldap-ng.org/documentation/latest/upgrade
They made this release:
- Core team: Maxime Besson, Xavier Guimard, Christophe Maudoux and Clément Oudot
- Organizations: Gendarmerie Nationale, Worteks
- Community: David Coutadeur, Mame Dieynaba SENE, Mickael Bride, Renaud R. Frédéric MASSOT
If you use LemonLDAP::NG and enjoy it, please let us know:
- https://lemonldap-ng.org/references
- https://www.openhub.net/p/lemonldap-ng
- http://alternativeto.net/software/lemonldap-ng/
- https://comptoir-du-libre.org/softwares/view/101
- https://framalibre.org/content/lemonldapng
- http://twitter.com/lemonldapng
- https://www.facebook.com/lemonldapng/