Kantega SSO Enterprise 5.1.x release notes
25 October 2021
We are pleased to announce Kantega SSO Enterprise 5.1.
Read the upgrade notes for important information about updating to version 5 (if you are upgrading from 4.x), and see the full changelog below.
Compatible applications
Application | Compatible from version |
---|---|
Bamboo | 7.0.1 |
Bitbucket | 6.8.0 |
Confluence | 7.1.0 |
Jira | 8.6.0 |
Changelog
After the large fundamental changes in 5.0, we are now stabilizing and improving the product, while still adding new functionality.
Changes in 5.1.0
Features
SAML/OIDC Support reauthentication with SAML or OIDC SSO when Websudo / Secure Administrative Sessions is activated
Improvements
Username from header Visual changes in IP lists and removed an incorrect error message
SAML/OIDC Fix typo in setup wizard
SAML/OIDC Fixed incorrect error message in “Run test”
Kerberos Global Moved “Usage Counter” from Kerberos tab to Common tab
Bug fixes
SAML/OIDC IDP Draft name was added to redirect rule text of other IDP
Changes in 5.1.1
Improvements
API TOKENS - REST API ACCESS Fix performance issue with unnecessary database queries to AO_xx_RESTRICT_APIENDPOINT on REST API filter
API TOKENS Improved, more responsive user experience; fixed issues with input fields not rendering properly.
Bug fixes
CLOUD USER sync Fixed XML encoding bug that didn’t accept emoji characters in cloud synchronization API Connectors
Security patches
DM_DEFAULT_ENCODING: String to byte or byte to string conversions using default platform encoding instead of consistent standard charset encoding
UI_INHERITANCE_UNSAFE_GETRESOURCE: Calling this.getClass().getResource(...) could give results other than expected if this class is extended by a class in another package.
XXE_DOCUMENT: XML parsing vulnerable to XML External Entities (XXE) when DocumentBuilder supports XML entities while processing XML received from an untrusted source.
OS_OPEN_STREAM_EXCEPTION_PATH: OS: Method may fail to close stream on exception
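The following is an added example, not Kantega SSO code: a minimal Java sketch of the kind of remediation the XXE_DOCUMENT, DM_DEFAULT_ENCODING and OS_OPEN_STREAM_EXCEPTION_PATH findings above call for. The class name, method names and sample XML strings are constructed for illustration, and the feature URI assumes the JDK's built-in (Xerces-based) parser.

```java
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

public class HardenedXmlParse { // hypothetical class name

    // XXE_DOCUMENT: configure the factory so untrusted XML cannot declare or resolve entities.
    static DocumentBuilder hardenedBuilder() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Reject any DOCTYPE outright: without a DTD there are no entity declarations.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        return f.newDocumentBuilder();
    }

    // DM_DEFAULT_ENCODING: name the charset explicitly instead of using the platform default.
    // OS_OPEN_STREAM_EXCEPTION_PATH: try-with-resources closes the stream even if parse() throws.
    static Document parse(String xml) throws Exception {
        try (InputStream in = new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8))) {
            return hardenedBuilder().parse(in);
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a record containing an emoji, encoded as UTF-8.
        String ok = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><user><name>Ada \uD83D\uDE00</name></user>";
        System.out.println("parsed: " + parse(ok).getDocumentElement().getTextContent());

        // Constructed sample input: a DOCTYPE declaring a harmless internal entity.
        String withDoctype = "<?xml version=\"1.0\"?><!DOCTYPE user [<!ENTITY e \"x\">]><user>&e;</user>";
        try {
            parse(withDoctype);
            System.out.println("parsed document with DOCTYPE (factory is not hardened)");
        } catch (SAXException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

If a different JAXP implementation is on the classpath, `setFeature` may throw `ParserConfigurationException` for the `disallow-doctype-decl` URI; treat that as a failure to harden rather than catching and ignoring it.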
Changes in 5.1.2
Security consolidation
Consolidated logging by replacing all remaining direct references to the provided dependency of Log4j 1.2.17 with the facade Slf4j. Older versions of Kantega SSO are not affected by CVE-2021-44228, but this release mitigates the risk of other vulnerabilities. Read more about the Log4j vulnerability here: About the Log4j vulnerability CVE-2021-44228.