Skip to content

Releases: OpenConext/OpenConext-engineblock

6.4.2

19 Jan 13:01
@MKodde MKodde
6.4.2
7f8873b
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.4.2

Security Update

A bug was present when using trusted proxies. When evaluating the whitelist of the SP behind a trusted proxy, the whitelist of the trusted proxy itself was checked instead of the whitelist of the SP.

In addition to this, some of the translations for the new theme have also been updated

Assets 4
Loading

6.3.7

19 Jan 12:56
@MKodde MKodde
6.3.7
777a229
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.7

Security Update

A bug was present when using trusted proxies. When evaluating the whitelist of the SP behind a trusted proxy, the whitelist of the trusted proxy itself was checked instead of the whitelist of the SP.

Assets 4
Loading

6.4.1

11 Jan 10:51
@MKodde MKodde
6.4.1
d0272b9
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.4.1

Features and fixes

  • The index, debug and cookie pages have been styled to prevent the mixed new and old style that happened. They now all look like the previous OpenConext theme used to look.
  • Security and compatibility improvements have been applied.
  • The new theme is now the default theme
Assets 4
Loading

6.4.0

05 Jan 14:14
@MKodde MKodde
6.4.0
329d7d5
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.4.0 Pre-release
Pre-release

This release consists of the UI redesign of the WAYF, Consent and other user facing screens.
The complete list of changes is excessive. Details can be found on GitHub under the ui-redesign tag. Some highlights include:

Features

  • Complete redesign of the WAYF
    • The WAYF now includes an optional default IdP banner, making advertising a default IdP possible (eduId)
    • The WAYF is optimized for keyboard navigation
  • Redesigned the consent screen
    • The previously optional minimal consent screen is now the default
    • Tooltips are now pure HTML/CSS, no eternal JS libraries are used
    • Keyboard navigation was improved greatly
  • Both the WAYF and the consent screen are optimized for the optically or visually impaired. The interface is not yet audited, but a WCAG 2.1 AA is to be expected.

Most, if not all important features are included in this release. For now it is targeted for test, so this is considered a pre-release.

Assets 4
Loading

6.3.6

06 Oct 06:41
@MKodde MKodde
6.3.6
9ceada5
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.6

After some testing, @tvdijen opened issue #920, identifying several issues with the 3.6.x releases. Those issues
have been addressed in this release.

Bugfixes

  • Allow responses without NameID #919
  • Add c14n method to the reference transforms in XML metadata. #921
  • Prevent undefined access in Assembler #923

Chore

  • Remove the remaining eduGAIN metada fields #922
Assets 4
Loading

6.3.0.1

06 Oct 14:29
@MKodde MKodde
6.3.0.1
ae8527e
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.0.1

This is an intermediate release between 6.3.0 and the rest of the 6.3 release tier.

This release is created in order to move forward with the 6.3.0 release without adding all the other fixes and features that where later added to the 6.3 release branch.

Bugfixes

  • Whether MFA AuthnContext must be added should be based on original SP #893 #894
Assets 4
Loading

6.3.5

23 Sep 08:21
@MKodde MKodde
6.3.5
82e8a9e
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.5

Bugfix

  • Clean up unused usage of AuthnRequest destination #898
Assets 4
Loading

6.3.4

16 Sep 07:55
@MKodde MKodde
6.3.4
92782dd
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.4

Bugfix

  • Whether MFA AuthnContext must be added should be based on
Assets 4
Loading

6.3.3

07 Sep 11:23
@MKodde MKodde
6.3.3
587d676
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.3

Bugfixes:

  • Move NoPassive response processing up in the ACS proces #890
  • Print the key-id in the SSO locations of the IdP metadata #891

Security

  • Upgrade jpeg-js to v0.4.0 #892
Assets 4
Loading

6.3.2

03 Sep 14:47
@MKodde MKodde
6.3.2
b8f7c1c
This commit was signed with the committer’s verified signature.
MKodde Michiel Kodde
GPG key ID: A05D7AE92B58D7F5
Learn about vigilant mode.
Compare
Choose a tag to compare
6.3.2

Bugfix:

  • Store entityId of issuer, not the value object #889

Features:

  • Migrate existing JavaScript tests to Cypress #887
Assets 4
Loading