LemonLDAP::NG 2.0.8 is out!

This new release fixes more than 100 issues. Here are some of bugfixes and improvements of this release:

  • Security:
    • SingleSession plugin was not working with Login History
  • Bugs:
    • Workaround and fixes for several memory leaks
    • Fixes for Notification system, including LDAP backend
    • Fixes for different login workflows
    • [OpenID Connect] missing ID Token in hybrid flow
    • Fix logout forward
    • IPv6 support in Nginx configuration files
    • Fixes for CheckUser plugin
    • [OpenID Connect] Introspection endpoint does not recognize refreshed Access Tokens
    • [OpenID Connect] Handler OAuth2 now returns 401 error on bad Access Token
    • [CAS] Manage mutlivalued attributes in CAS authentication
    • Fix error in Manager/CLI when an unknown attribute is loaded from previous configuration
  • Improvements and new features:
    • REST proxy backend for PasswordDB
    • Manage SameSite cookie settings
    • Local Password Policy with special characters
    • [OpenID Connect] Resource Owner Password Credentials Grant
    • [OpenID Connect] Allow additional audiences for ID Token
    • Packages for CentOS/RHEL 8
    • Manager API to reset 2FA, to manage SAML and OIDC clients (https://lemonldap-ng.org/manager-api/2.0/)
    • GitHub authentication backend (https://lemonldap-ng.org/documentation/latest/authgithub)
    • Make require old password option configurable by a rule
    • Append an option to define applications tooltip
    • Possibility to select choice tab, as for menu tab
    • Add a rollback option to lemonldap-ng-cli
    • Possibility to configure a custom CSS file
    • Possibility to override language with a parameter in URL

The full changelog can be seen here: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/milestones/71

Upgrade notes: https://lemonldap-ng.org/documentation/latest/upgrade#section208

Download: https://lemonldap-ng.org/download

They made this release:

  • Core team: Maxime Besson, Xavier Guimard, Christophe Maudoux and Clément Oudot
  • Organizations : Gendarmerie Nationale, Worteks, CNAMTS, Orange, Urgences Santé Québec, DGDDI
  • Community (issues opening, tests, patches, pull requests) : Erik Anders, David Coutadeur, Mathieu Lecompte-melançon, Frédéric MASSOT, Julien TEHERY, Alexandre LINTE, Mickael Bride, Carl R., Alexander Patrakov, Julien Ledoux, Xavier Montagutelli, Xavier Bachelot, Soisik Froger

If you use LemonLDAP::NG and enjoy it, please let us know: