Kantega SSO Enterprise 5.11.x release notes

We are pleased to announce Kantega SSO Enterprise 5.11.

We recommend as always to take a backup before performing updates, especially for major and minor versions.
Read the update notes for important information about the updating to major version 5 from 4.x or earlier, and see the full changelog below.

See the latest changes in version 5.11.1

Compatible applications

Application

Compatible from version

Application

Compatible from version

Bamboo

7.1.0 Server, 8.0.0 Data Center

Bitbucket

7.5.0

Confluence

7.4.0

Jira

8.11.0

Changelog

Changes in 5.11.0

Sep 26, 2022 08:40 CET

Specific redirect rules for JSM and improve logging and error handling

Features

  • jira saml/oidc Added a tab so you can configure separate redirect rules for JSM users and normal Jira users

Improvements

  • cSRF Added more information for troubleshooting in CSRF error page

  • api tokens Added more logging and a bit more detailed output message in error handling of failed api token authentication

Bug fixes

  • jira Api tokens Api token access URLs failed to render values of data in list, instead only object references

Changes in 5.11.1

Sep 30, 2022 11:30 CET

Bugfix in providers overview when known domains is set

Bug fixes

  • SAML/OIDC After setting the redirect mode to known domains, the page /providers with the identity provider overview crashes due to an incorrect reference to the saved value after the new feature introduced in 5.11.0

Changes in 5.11.2

Oct 18, 2022 14:00 CET

Security update to patch CVE-2022-42889

Security patches

Update apache sommons-text to 1.10.0 to patch vulnerability in CVE-2022-42889: https://nvd.nist.gov/vuln/detail/CVE-2022-42889

Changes in 5.11.3

Oct 24, 2022 11:30 CET

Improvements

samlAdded switch in Advanced SAML settings to enable ability to save redirect URL after IdP login for instant redirect. Useful if IdP has problems returning complex redirect URLs.

 

Changes in 5.11.4

May 15, 2023 17:30 CEST

Bug fixes

  • Fixed 'max valid for' parameter validation when API tokens created by non System Administrator users

  • Api tokens page will no longer create tokens on page refresh after a token has been created