Releases: OpenIdentityPlatform/OpenDJ
Releases · OpenIdentityPlatform/OpenDJ
5.0.4
What's Changed
- CVE-2025-24970 SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine by @vharseko in #588
- CVE‐2025‐12194 While the situation with the JVM garbage collector overrun for Java 17 and Java 21 greatly improved with the changes in 2.1.1, we’ve still had some reports that can only be related to the use of the disposal daemon by @prthakre in #593
- [#590] Fallback to $HOME/tmp dir as a temp if instance root is mounted as noexec by @maximthomas in #591
- Bump logback to 1.5.32 by @prthakre in #595
- Migrate to caffeine 3 by @prthakre in #594
- Update commons.version from 3.0.2 to 3.0.4 by @vharseko in #597
- Docs: fix short version in the upgrade guide by @maximthomas in #592
Full Changelog: 5.0.3...5.0.4
Contributors
vharseko, maximthomas, and prthakre
Assets 12
5.0.3
What's Changed
- CVE-2026-1225 Logback allows an attacker to instantiate classes already present on the class path by @maximthomas in #583
- Fix three and more nodes replication process stuck error by @maximthomas in #584 thanks @FireBurn
- Update org.openidentityplatform.commons to 3.0.2 by @vharseko in #581
- Docs: update supported Java version by @maximthomas in #580
Full Changelog: 5.0.2...5.0.3
Contributors
FireBurn, vharseko, and maximthomas
Assets 12
5.0.2
What's Changed
- [#575] FIX unable to install: UnsatisfiedLinkError: /tmp/bc-fips by @maximthomas in #576 thanks @muralicbe1983
- [#577] Windows upgrading with Upgrade.bat: an error with "" unexpected by @vharseko in #578 thanks @marcdegasperi
- [#573] Added the SAMPLE_DATA Docker environment variable to generate sample data during setup. by @maximthomas in #574
Full Changelog: 5.0.1...5.0.2
Contributors
vharseko, marcdegasperi, and 2 other contributors
Assets 12
5.0.1
What's Changed
- Update target JDK to 11 and move to JakartaEE 9 by @maximthomas in #532
- Add support LTS JDK 25 by @vharseko in #555
- Update base docker image Java version to 25 LTS by @maximthomas in #564
- CVE-2025-12194 Bouncy Castle Vulnerable to Uncontrolled Resource Consumption by @dependabot[bot] in #569
- CVE-2025-59250 JDBC Driver for SQL Server has improper input validation issue by @dependabot[bot] in #570
- CVE-2025-11226 logback-core is vulnerable to Arbitrary Code Execution through file processing by @dependabot[bot] in #568
- Switch from sun.security.x509 to Bouncy Castle API by @maximthomas in #560
- Update OpenDMK external library to fix SNMP monitoring by @maximthomas in #572
- Build & deploy: add branch sustaining/4.10.x by @vharseko in #556
- Make GrizzlyLDAPListener close in a synchronous fasion to prevent test race conditions by @vharseko in #557
- [#141] Test large replication pending changes by @maximthomas in #561
- FIX bindFreePort Bind Unable to bind to a free port by @vharseko in #559
- Fix unavailable monitoring attributes over JMX by @vharseko in #558
- Bump org.openidentityplatform.commons to 3.0.1 by @vharseko in #571
- Improve ReplicationDomainTest stability by @maximthomas in #565
Full Changelog: 4.10.2...5.0.1
Contributors
vharseko, maximthomas, and dependabot
Assets 12
4.10.2
What's Changed
- CVE-2025-9092 CVE-2025-9340 CVE-2025-9341 Uncontrolled Resource Consumption vulnerability by @maximthomas in #546
- [#545] Add GroupManager writeLock performance by @vharseko in #551
- [#540] Fix OnDiskMergeImporter::PhaseOneWriteableTransaction: update over put (referral attr) by @vharseko in #541
- [#544] Add requires-admin-action component-restart for max-request-size by @vharseko in #552
- Update Java minimum version number in the setup UI by @maximthomas in #542
- Update README.md: add backers and sponsors by @vharseko in #543
- ISSUE_TEMPLATE: add "Vote to raise the priority" by @vharseko in #547
- Bump commons.version 2.4.1 by @vharseko in #553
Full Changelog: 4.10.1...4.10.2
Contributors
vharseko and maximthomas
Assets 12
4.10.1
What's Changed
- [#529] FIX jdbc connection deadlock by @vharseko in #533
- [#530] Fixed error when creating a backend for BASE_DN with OU in Docker by @maximthomas in #531
- Docker: Fix issues with quoting params by @prthakre in #537
Full Changelog: 4.10.0...4.10.1
Contributors
vharseko, maximthomas, and prthakre
Assets 12
4.10.0
What's Changed
- [#462] RFC5805 Lightweight Directory Access Protocol (LDAP) Transactions by @vharseko in #469
- CVE-2025-49146 pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration by @vharseko in #522
- Bump io.reactivex.rxjava to 3.x by @prthakre in #504
- Bump various dependencies by @prthakre in #508
- Bump commons to 2.2.5 by @maximthomas in #518
- Take Glassfish Grizzly version from commons by @maximthomas in #520
- Bump bc.fips to 2.1.x by @prthakre in #505
- Bump commons.version 2.3.0 by @vharseko in #521
- Deploy: migrating from Legacy OSSRH to Central Portal by @vharseko in #523
- Fix OSGI bundle excluded package error for rxjava3 by @maximthomas in #524
- Exclude BouncyCastle from OSGI Import-Package by @maximthomas in #526
- Fix makeldif templates: add objectClass to baseDN by @vharseko in #527
- Bump org.openidentityplatform.commons 2.4.0 by @vharseko in #528
Full Changelog: 4.9.4...4.10.0
Contributors
vharseko, maximthomas, and prthakre
Assets 12
4.9.4
What's Changed
- Configure backend type for Docker by @maximthomas in #489
- Docs: update OpenDJ release version to 4.9.3 by @maximthomas in #488
- Add OpenDJ Docker tests to the build process by @maximthomas in #490
- Fix docker env variables + add VERSION autodetect by @vharseko in #493
- Set isRunning later (EmbeddedServer check) by @vharseko in #494
- Bump org.openidentityplatform.commons to 2.2.4 by @vharseko in #495
- [#498] FIX warning output from export-ldif: "grep: warning: stray \ before -" by @pzygielo in #499
- move Java args to java.properties, upgrade docker alpine by @maximthomas in #502
- [#497] Set the same indexes for a new backend as for the initial backend by @maximthomas in #501
- Add support Java SE 24 by @vharseko in #500
- Bump test containers & cassandra driver by @prthakre in #506
- [#496] FIX MySQL truncate PK default to 64 len by @vharseko in #509
- [#496] FIX JDBC storage update concurrency by @vharseko in #512
- FIX Replication IT tests unstable result by @vharseko in #514
New Contributors
Full Changelog: 4.9.3...4.9.4
Contributors
vharseko, maximthomas, and 2 other contributors
Assets 12
4.9.3
What's Changed
- CVE-2025-27497 Fix Denial of Service (Dos) using alias loop (thanks @hannes96)
- [#477] Change permission config.ldif.startok to owner by @vharseko in #479 (thanks @kranskydog)
- [#208] FIX The definition for the attribute type declared that it should use the syntax which is not defined in the schema by @vharseko in #483
- Documentation update by @maximthomas in #480
- Docs: Generate and publish javadoc by @maximthomas in #482
Full Changelog: 4.9.2...4.9.3
Contributors
hannes96, vharseko, and 2 other contributors
Assets 12
4.9.2
What's Changed
- [#465] Fix custom library loading when put to the lib directory by @maximthomas in #467
- [#463] Disable warning message on downstream closed by @vharseko in #468
- [#471] Fix table name truncate: make jdbc table 63 charter by @vharseko in #473
- [#466] JDBC: added tests for Oracle, MySQL, MSSQL by @maximthomas in #472
- [#466] FIX compatibility jdbc backend: Postgres, Oracle, MySQL, MSSQL by @vharseko in #474
- [#471] PluggableBackendImplTestCase: add duplicate mail test by @vharseko in #475
- IT ReplicationDomainTest upper waitEndExport timeout by @vharseko in #476
- Update year in generated documentation templates by @maximthomas in #464
- Update documentation issues and update links by @maximthomas in #470
Full Changelog: 4.9.1...4.9.2
Contributors
vharseko and maximthomas