LemonLDAP::NG 2.0.8 is out!
This new release fixes more than 100 issues. Here are some of bugfixes and improvements of this release:
- Security:
- SingleSession plugin was not working with Login History
- Bugs:
- Workaround and fixes for several memory leaks
- Fixes for Notification system, including LDAP backend
- Fixes for different login workflows
- [OpenID Connect] missing ID Token in hybrid flow
- Fix logout forward
- IPv6 support in Nginx configuration files
- Fixes for CheckUser plugin
- [OpenID Connect] Introspection endpoint does not recognize refreshed Access Tokens
- [OpenID Connect] Handler OAuth2 now returns 401 error on bad Access Token
- [CAS] Manage mutlivalued attributes in CAS authentication
- Fix error in Manager/CLI when an unknown attribute is loaded from previous configuration
- Improvements and new features:
- REST proxy backend for PasswordDB
- Manage SameSite cookie settings
- Local Password Policy with special characters
- [OpenID Connect] Resource Owner Password Credentials Grant
- [OpenID Connect] Allow additional audiences for ID Token
- Packages for CentOS/RHEL 8
- Manager API to reset 2FA, to manage SAML and OIDC clients (https://lemonldap-ng.org/manager-api/2.0/)
- GitHub authentication backend (https://lemonldap-ng.org/documentation/latest/authgithub)
- Make require old password option configurable by a rule
- Append an option to define applications tooltip
- Possibility to select choice tab, as for menu tab
- Add a rollback option to lemonldap-ng-cli
- Possibility to configure a custom CSS file
- Possibility to override language with a parameter in URL
The full changelog can be seen here: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/milestones/71
Upgrade notes: https://lemonldap-ng.org/documentation/latest/upgrade#section208
Download: https://lemonldap-ng.org/download
They made this release:
- Core team: Maxime Besson, Xavier Guimard, Christophe Maudoux and Clément Oudot
- Organizations : Gendarmerie Nationale, Worteks, CNAMTS, Orange, Urgences Santé Québec, DGDDI
- Community (issues opening, tests, patches, pull requests) : Erik Anders, David Coutadeur, Mathieu Lecompte-melançon, Frédéric MASSOT, Julien TEHERY, Alexandre LINTE, Mickael Bride, Carl R., Alexander Patrakov, Julien Ledoux, Xavier Montagutelli, Xavier Bachelot, Soisik Froger
If you use LemonLDAP::NG and enjoy it, please let us know: