v2.4.4

• MODLOGSAML-135 Spring4Shell: Update Spring (CVE-2022-22965)
• MODLOGSAML-136 jackson-databind 2.13.2.2 (CVE-2020-36518)
• MODLOGSAML-137 secureValidation vulnerability (CVE-2021-40690)
• MODLOGSAML-107 retry and check 200/500 status

v2.4.3

• MODLOGSAML-107 Delete configuration cache on internal error

v2.4.2

• MODLOGSAML-107 slf4j, web client timeout, Vert.x 4.2.5

v2.4.1

• MODLOGSAML-123 IdP container test
• MODLOGSAML-132 Update to vertx-pac4j 6.0.1 fixing "none" alg tokens (CVE-2021-44878)

v2.4.0

• MODLOGSAML-71 Login via SSO possible even after decryption of SAML assertions fails
• MODLOGSAML-91 Update vertx-pac4j to pac4j v5
• MODLOGSAML-104 SSO settings (configured with user property "Email") always fail to find user by email
• MODLOGSAML-110 /saml/validate NEP 400
• MODLOGSAML-122 Improve code coverage, avoid deprecated API
• MODLOGSAML-124 RMB 33.2.1, Vertx 4.2.1, Log4j 2.15.0 fixing remote execution (CVE-2021-44228)
• MODLOGSAML-128 Update to RMB 33.2.2
• MODLOGSAML-129 Netty 4.1.72, Log4j 2.17.0, Vert.x 4.2.3, RMB 33.2.3
• MODLOGSAML-130 Pac4j 5.2.1, RMB 33.2.4, vertx-pac4j 6.0.0 fixing unsecure token (CVE-2021-44878)

v2.3.2

• MODLOGSAML-129 Netty 4.1.72 (CVE-2021-43797), Log4j 2.17.0, Vert.x 4.2.3, RMB 33.2.3

v2.3.1

• MODLOGSAML-124 RMB 33.2.1, Vertx 4.2.1, Log4j 2.15.0 fixing remote execution (CVE-2021-44228)
• MODLOGSAML-128 Update to RMB 33.2.2 Log4j 2.16.0

v2.3.0

• MODLOGSAML-105 Upgrade to RMB 33.1.1, Vert.x 4.1.4

v2.2.1

• MODLOGSAML-97 Single-Sign-On (SSO) always fails
• Update RMB to 33.0.2 to fix MODLOGSAML-97, see RMB-854 "FORM_ATTRIBUTE_SIZE_MAX is too small"
• Update Vertx to 4.1.0

v2.1.2

• Update RMB to include RMB-854 FORM_ATTRIBUTE_SIZE_MAX is too small
• Above RMB change will fix edge cases of MODLOGSAML-97 Single-Sign-On (SSO) always fails
• Update RMB to 33.0.1
• Update Vertx to 4.1.0