In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.
Changelog
Excerpt
Changes in 6.20.
0
15:45 CET
Release summary: Improve IP restrictions and security patch XSS in SAML POST binding
Improvements
Status
colour
Blue
title
ip restrictions
Improve performance of IP permissions saved in Kerberos IP addresses, API Tokens IP permissions, Username from header and Basic Auth IP permissions, by reducing unnecessary DNS lookups. DNS lookups are now only done if adding a domain name. Removed implicit support for Ipv6. Domain names are still only supported implicitly, and may potentially lead to performance issues.
Patch CVE-2023-44483 in org.apache.santuario.xmlsec
Changes in 6.20.1
13:00 CET
Release summary: Reintroduce implicit IPv6 support
Improvements
Status
colour
Blue
title
ip restrictions
Reintroduce partial IPv6 support to avoid unnecessary errors. Ipv6 is now computed in the same level as domain-name lookups. It is not recommended to use these formats unless necessary, as they can lead to perfomance issues.
Changes in 6.20.2
15:55 CET
Release summary: Bug fix
Bug fixes
Status
title
dark features
Introduce capability to remove update errors in /plugins/servlet/no.kantega.kerberosauth.kerberosauth-plugin/dark-features
Changes in 6.20.3
16:00 CET
Release summary: SAML/OIDC improvements anonymous browsing and automatic login
Improvements
Status
colour
Red
title
saml
Status
colour
Blue
title
oidc
Rename “Authenticated Anonymous Browsing” to “SSO-Protected Anonymous Browsing” for clarity. Introduce option in “Known domains login restriction” to have SSO-Protected Anonymous Browsing as a fallback instead of authentication error
Status
colour
Red
title
saml
Status
colour
Blue
title
oidc
Improve and clarify automatic login triggering when the username / password link is shown on the login page
Status
colour
Red
title
saml
Status
colour
Blue
title
oidc
Improve UI navigation bar structure so it’s easier to reach common identity provider settings like SAML key management and IDP Icons
Status
colour
Red
title
saml
Status
colour
Blue
title
oidc
Status
colour
Green
title
jira only
Add a switch for Jira to decide whether the user should have the login page as destination URL after logging in.
Status
title
copy user directory
Fix SSL issue in Common > Copy User Directory for newer versions of Atlassian host products with changed classpath
Changes in 6.20.2
15:55 CET
Release summary: Bug fix
Bug fixes
Status
title
dark features
Introduce capability to remove update errors in /plugins/servlet/no.kantega.kerberosauth.kerberosauth-plugin/dark-features
Changes in 6.20.1
13:00 CET
Release summary: Reintroduce implicit IPv6 support
Improvements
Status
colour
Blue
title
ip restrictions
Reintroduce partial IPv6 support to avoid unnecessary errors. Ipv6 is now computed in the same level as domain-name lookups. It is not recommended to use these formats unless necessary, as they can lead to perfomance issues.
Changes in 6.20.0
15:45 CET
Release summary: Improve IP restrictions and security patch XSS in SAML POST binding
Improvements
Status
colour
Blue
title
ip restrictions
Improve performance of IP permissions saved in Kerberos IP addresses, API Tokens IP permissions, Username from header and Basic Auth IP permissions, by reducing unnecessary DNS lookups. DNS lookups are now only done if adding a domain name. Removed implicit support for Ipv6. Domain names are still only supported implicitly, and may potentially lead to performance issues.