Skip to content

release 2.4.18.1

Latest
Latest

Choose a tag to compare

View all tags
@zandbelt zandbelt released this 01 Oct 01:17
· 55 commits to master since this release
v2.4.18.1
aac7566

Bugfixes

  • shm: use _oidc_strcpy instead of _oidc_strncpy to avoid segfaults on some platforms; see #1353; regression since 2.4.16.7, found on Amazon Linux 2023
  • logout: when revoking tokens at the revocation endpoint with client_secret_jwt or private_key_jwt, use the revocation endpoint as "aud" value (instead of the token endpoint that was used before), unless environment variable OIDC_TOKEN_REVOCATION_AUD is set to "token" (or another literal aud value)
  • refresh: turn debug printouts on config errors into warnings; see #1349; thanks@CrazyWolf13
  • pass JSON real claims without trailing zeros, use 8 digits precision instead of 6

Features

  • improve Redis (and Metrics) performance on process MPMs by using apr_thread_mutex_t (instead of apr_proc_mutex_t) for locking; see #1340

Other

  • version 2.4.18.1 is certified for the OpenID Foundation's FAPI2 RP Security Final and FAPI2 RP Messaging Final profiles using the OpenID Certification Conformance suite, see: https://openid.net/certification/
  • test: add util/* coverage tests

Commercial

  • binary packages for various other platforms such as Microsoft Windows, Red Hat Enterprise Linux 6/7, older Ubuntu and Debian distro's, Oracle HTTP Server 11/12/14, IBM HTTP Server 8/9, and IBM AIX 7 are available under a commercial agreement via [email protected]
  • support for Redis/Valkey over TLS, Redis/Valkey (TLS) Sentinel, and Redis/Valkey (TLS) Cluster is available under a commercial license via [email protected]

The RPM packages below are signed with the following RSA PGP key:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQENBGh53lgBCADCyoOkfnE5h5rBLlf02oFpI/z2vUXK5W4T56xnNPu0/iIOxbBk
YX9rSypZFhfjv28lhGgelWEg28Ab/Yxs6l0obCgDEuFUDQ5Dv+N+YSMy67vtLwYW
9LM5p9fMN9bXOa62PwvtzRzh+xRyRBcIfMacGJC+SqUK6QhzC0lNwCsr1OaWjzon
mkaodwrloNMxEZVvFn63PvuQDZ3wwQty+0XpYiiChMssGBn6nmPDQJ7pDtQDkhfD
Z5FKY6K7AQJ4fneiVCLGngPBwTXBGcfWa+Y0HCS2ghQwDO6jYXd5GjowVDTjfMK3
QJ3e26Ox9X3V0Fl04R1i5EthEkAWGfy1lksvABEBAAG0HU9wZW5JREMgPHN1cHBv
cnRAb3BlbmlkYy5jb20+iQFRBBMBCgA7FiEEFdjWJA1IGDkAITSxnyZY1L0OSOMF
Amh53lgCGwMFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQnyZY1L0OSONG
Jgf+II0wG96R0g28Kp+R4AYzSdX0CEqr6OhwHHw4cFpLsHxZNhojo7I4OnLKEdfc
lFl37rE+hG3QpzD/b4S/fpPjd4hcLkguBQxtdxqZZVAIT8HWbveHRkI8MNnjOPwv
Hy6jBncMs1IT/URV2si/Q34+PLo8tvo/lXNa16svVl2DoYXO8MCszgCE1bx055EF
XPh4Teu5Y4OLHECSicMxrmN746dAD121zy4bLLx9mZ0erhLjvkj1vkFmlHFKyvwY
/pbSqXs9hW/wweW1oQ/xEIJWWS71PeoutUBjr0WC4sILnR5PBPZplgNh297Qex6g
qaW3io0tCH9KxU1tXYn/iL/hbQ==
=mlOy
-----END PGP PUBLIC KEY BLOCK-----
Assets 11
Loading