|
5 | 5 | This document lists the changes between versions of SimpleSAMLphp. |
6 | 6 | See the [upgrade notes](https://simplesamlphp.org/docs/stable/simplesamlphp-upgrade-notes.html) for specific information about upgrading. |
7 | 7 |
|
8 | | -## Version 2.2.2 |
| 8 | +## Version 2.4.0 |
9 | 9 |
|
10 | 10 | Released TBD |
11 | 11 |
|
| 12 | +* Fixed PHP 8.4 deprecation notices |
| 13 | +* Fixed infinite recursion (#2367) |
| 14 | +* Added a new feature flag `encryption.optional` to allow unencrypted assertions if the SP does |
| 15 | + not provide an encryption certificate (#2208) |
| 16 | +* Make translations tool theme-aware (#2315) |
| 17 | +* Fixed build-workflow to only re-build the website once |
| 18 | +* Bugfix: Use entityID from state to allow overriding the issuer (#2345) |
| 19 | +* When only a single IdP is in scope, skip discovery screen (#2355) |
| 20 | +* Fixed "Undefined array key" warning in RequestedAuthnContextSelector if no RAC is present in the request |
| 21 | + |
| 22 | +`adfs` |
| 23 | + |
| 24 | +* PHP 8.4 support |
| 25 | +* The ADFS-module has been disconnected from the SSP release. To continue to use it, the module has to be manually installed. |
| 26 | +* The ADFS-module was completely rewritten and now uses our own XML-libraries for building, signing and encrypting XML (v3.0.0) |
| 27 | + |
| 28 | +`authcrypt` |
| 29 | + |
| 30 | +* PHP 8.4 support |
| 31 | + |
| 32 | +`discopower` |
| 33 | + |
| 34 | +* Hide tab list when there's only one tab (simplesamlphp/simplesamlphp-module-discopower#27) (v1.5.0) |
| 35 | +* Bugfix: Use jquery-assets repo to work around symlink-issue (simplesamlphp/simplesamlphp-module-discopower#28) (v1.5.1) |
| 36 | + |
| 37 | +`ldap` |
| 38 | + |
| 39 | +* Add SASL-support (v2.4.0). Note that this required a newer version of symfony/ldap than the one packaged (v2.4.3) |
| 40 | + |
| 41 | +`saml` |
| 42 | + |
| 43 | +* Stricter regexp to verify SubjectID/PairwiseID: disallow trailing spaces. |
| 44 | +* Feature: Add authproc-filter to be able to manipulate the Assertion's Issuer (#2346) |
| 45 | + |
| 46 | +`debugsp` |
| 47 | + |
| 48 | +* Added module to allow testing the SP you have in your installation without needing admin login |
| 49 | + This is similar to the admin/test page but can more easily be used by an IdP who may not have admin |
| 50 | + privileges on your site. |
| 51 | + |
| 52 | +## Version 2.3.0 |
| 53 | + |
| 54 | +Released 2024-08-20 |
| 55 | + |
| 56 | +* The SubjectID authproc-filter now has a new option `hashed`, which if set to true |
| 57 | + will automatically hash the unique part of the ID. This will also automatically |
| 58 | + make the unique part of the ID in compliance with the specs (#2006) |
| 59 | +* Add microsecond support to the FileLoggingHandler (#2084) |
| 60 | +* Session ID's are now hashed when stored in a database (#2106) |
| 61 | +* Improved HTML 5 compatibility (#2162) |
| 62 | +* Fix: preloaded resource not used (#2207) |
| 63 | +* BC-break (unintentional): plain-text admin-password are no longer allowed (#2113) |
| 64 | + |
| 65 | +`authorize` |
| 66 | + |
| 67 | +* Feature: allow a user to reauthenticate with a different account (simplesamlphp/simplesamlphp-module-authorize#17) (v1.5.0) |
| 68 | +* Feature: show user what account he's using when authorization fails (simplesamlphp/simplesamlphp-module-authorize#20) (v1.6.0) |
| 69 | +* Fix: fix faulty translation (v1.6.1) |
| 70 | + |
| 71 | +`consent` |
| 72 | + |
| 73 | +* Update Luxembourgish translations (v1.4.0) |
| 74 | + |
| 75 | +`negotiate` |
| 76 | + |
| 77 | +* Add support for SPNEGO channel binding (v2.3.1) |
| 78 | + |
| 79 | +`sqlauth` |
| 80 | + |
| 81 | +* Add username_regex option - run regular expression over username before querying the |
| 82 | + database (simplesamlphp/simplesamlphp-module-sqlauth#11) (v1.3.0) |
| 83 | + |
| 84 | +## Version 2.2.3 |
| 85 | + |
| 86 | +Released 2024-08-20 |
| 87 | + |
| 88 | +* Added a missing use-statement that would cause a 'class not found' exception. |
| 89 | +* Improved Luxembourgish (LB) translations (#2129, #2140) |
| 90 | +* Fix regression introduced in v2.2.2 regarding autofilling usernames. |
| 91 | +* Restore the possibility to set `trusted.url.domains` to null |
| 92 | +* Improved documentation on cachedir-setting (#2153) |
| 93 | +* Fix bug in post.twig (#2161) |
| 94 | +* Fix MDQ cache file bugs (#2200) |
| 95 | + |
| 96 | +`adfs` |
| 97 | + |
| 98 | +* Fixed metadata download to become a proper xml-file |
| 99 | +* Prevent metadata-download from ever being cached |
| 100 | + |
| 101 | +`authorize` |
| 102 | + |
| 103 | +* Fixed logout button (simplesamlphp/simplesamlphp-module-authorize#16) (v1.4.1) |
| 104 | + |
| 105 | +`ldap` |
| 106 | + |
| 107 | +* Fixed a bug that would throw an unhandled exception to the user if they would enter |
| 108 | + a non-existing organization and `username_organization_method` is set to `allow` or `force` (v2.3.6). |
| 109 | + |
| 110 | +`metarefresh` |
| 111 | + |
| 112 | +* Fixed incorrect parsing of configuration (v1.2.2) |
| 113 | + |
| 114 | +`radius` |
| 115 | + |
| 116 | +* Fixed security bug known as Blast-Radius (CVE-2024-3596) (simplesamlphp/simplesamlphp-module-radius#10) (v2.0.2) |
| 117 | + |
| 118 | +## Version 2.2.2 |
| 119 | + |
| 120 | +:warning: IMPORTANT NOTE :warning: |
| 121 | + |
| 122 | +Due to a mistake, this bugfix-release can turn out to become a backwards-incompatibility for those who override the loginuserpass.twig in their custom theme. |
| 123 | +Please update your theme to reflect the changes in [this commit](https://github.com/simplesamlphp/simplesamlphp/pull/2022/commits/691199e9b963a2861d731e6583555c7a8df39992) before updating. |
| 124 | + |
| 125 | +Released 2024-04-30 |
| 126 | + |
12 | 127 | * Fix regression when setting the host-variable in `saml20-idp-hosted` (was #1922) |
13 | 128 |
|
14 | 129 | ## Version 2.2.1 |
|
0 commit comments