All Versions
22
Latest Version
Avg Release Cycle
50 days
Latest Release
858 days ago

Changelog History
Page 3

  • v2.3.6 Changes

    June 15, 2018

    Bugfixes

    • avoid using pipelining for Redis since it produces unreliable results with some Redis implementations (i.e. AWS ElastiCache Redis in clustered mode)
    • 🛠 fix buffer overflow in shm cache key set strcpy; thanks @kyprizel
    • avoid memory leak in redis cache backend when an error occurs authenticating to a Redis server

    Other

    • ➕ add check to detect session cache corruption for server-based caches
    • ➕ add check to detect (static) metadata cache corruption
    • explicitly set kid in encrypted request object; ensures compatibility with cjose >= 0.6.0
    • 🔊 turn missing session_state from warning into a debug statement; do not clutter logs
    • send Basic header in OAuth 2.0 www-authenticate response if Basic auth is the only accepted method (instead of Bearer); thanks @puiterwijk

    Packaging

    • the libcjose 0.5.1 binaries that this module depends on are available from the release 2.3.0 "Assets" section
    • 📦 Ubuntu Xenial packages can also be used on Ubuntu Yakkety, Zesty and Artful; the Debian Wheezy package can be used on Ubuntu Precise

  • v2.3.5 Changes

    May 18, 2018

    Bugfixes

    • avoid values that are too long in shm cache key construction; thanks @kyprizel
    • fix encoding of preserved POST data; see #338; thanks @timpuri

    Other

    Packaging

    • the libcjose 0.5.1 binaries that this module depends on are available from the release 2.3.0 "Assets" section
    • 📦 Ubuntu Xenial packages can also be used on Ubuntu Yakkety, Zesty and Artful; the Debian Wheezy package can be used on Ubuntu Precise