diff options
| author | Jaime Perez Crespo <jaime.perez@uninett.no> | 2016-06-10 15:48:03 +0200 |
|---|---|---|
| committer | Jaime Perez Crespo <jaime.perez@uninett.no> | 2016-06-10 15:48:03 +0200 |
| commit | 4c5e82b94f4da5c52f64a947f1a06ed761242b84 (patch) | |
| tree | 42bc5efcbfee69a2ccd47029080a9c83254738e8 | |
| parent | 2d352ee632ce29096d218a9743f4b334483b60e9 (diff) | |
| download | simplesamlphp-4c5e82b94f4da5c52f64a947f1a06ed761242b84.zip simplesamlphp-4c5e82b94f4da5c52f64a947f1a06ed761242b84.tar.gz simplesamlphp-4c5e82b94f4da5c52f64a947f1a06ed761242b84.tar.bz2 | |
Update the changelog in master.
| -rw-r--r-- | docs/simplesamlphp-changelog.md | 33 |
1 files changed, 31 insertions, 2 deletions
diff --git a/docs/simplesamlphp-changelog.md b/docs/simplesamlphp-changelog.md index 979e9c8..5cf1f56 100644 --- a/docs/simplesamlphp-changelog.md +++ b/docs/simplesamlphp-changelog.md @@ -6,9 +6,39 @@ SimpleSAMLphp changelog This document lists the changes between versions of SimpleSAMLphp. See the upgrade notes for specific information about upgrading. +## Version 1.14.4 + +Released 2016-06-08 + + * Fixed two minor security issues that allowed malicious URLs to be presented to the user in a link. Reported by John Page. + * Fixed issue #366. The LDAP class was trying to authenticate even when no password was provided (using the CAS module). + * Fixed issue #401. The authenticate.php script was printing exceptions instead of throwing them for the exception handler to capture them. + * Fixed issue #399. The size limitation of the TEXT type in MySQL was creating problems in certain setups. + * Fixed issue #5. Incoherent population of the $_SERVER variable was creating broken links when running PHP with FastCGI. + * Other typos and minor bugs: #389, #392. + +## Version 1.14.3 + +Released 2016-04-19 + + * Fixed a bug in the login form that prevented the login button to be displayed in mobile devices. + * Resolved an issue in the PHP session handler that made it impossible to use PHP sessions simultaneously with other applications. + +## Version 1.14.2 + +Released 2016-03-11 + + * Use stable versions of the externalized modules to prevent possible issues when further developing them. + +## Version 1.14.1 + +Released 2016-03-08 + + * Resolved an information leakage security issue in the sanitycheck module. See [SSPSA 201603-01](/security/201603-01). + ## Version 1.14.0 -Released TBD +Released 2016-02-15 ### Security @@ -32,7 +62,6 @@ Released TBD * Added the SAML NameID to the attributes status page, when available. * Added attribute definitions for schacGender (schac), sisSchoolGrade and sisLegalGuardianFor (skolfederation.se). * Attributes required in metadata are now taken into account when parsing. - * Allow regular expression matching of trusted.url.domains. Off by default, set trusted.url.regex to true to enable. ### Bug fixes |