All Versions
57
Latest Version
Avg Release Cycle
47 days
Latest Release
1125 days ago
Changelog History
Page 4
Changelog History
Page 4
-
v5.1.13.RELEASE Changes
October 07, 2020๐ฑ ๐ Bug Fixes
- ๐ SpringSecurityCoreVersion.java getSpringVersion() method does not close stream. #9059
โฌ๏ธ ๐จ Dependency Upgrades
- ๐ Update to Spring Boot 2.1.17.RELEASE #9078
- โก๏ธ Update to Hibernate Validator 6.0.21 #9077
- โก๏ธ Update to org.aspectj 1.9.6 #9076
- โก๏ธ Update to GAE 1.9.82 #9075
- โก๏ธ Update to Jackson Databind 2.9.10.6 #9074
- โก๏ธ Update to Spring Data Lovelace-SR20 #9073
- โก๏ธ Update to Spring Framework 5.1.18 #9072
- โก๏ธ Update to Reactor Californium-SR21 #9071
-
v5.1.12.RELEASE Changes
August 05, 2020๐ฑ โญ New Features
- โ Add logging #8891
- ๐ Document improvement for configure(WebSecurity web) and configure(HttpSecurity http) #8857
- ๐ Use Github Actions PR pipeline and remove Travis for 5.1.x #8722
- ๐ Use Github Actions PR pipeline in 5.1.x #8717
๐ฑ ๐ Bug Fixes
- ๐ ServerBearerTokenAuthenticationConverter throws exceptions instead of signalling error #8898
- ๐ Resolved bearer token has no padding indicators #8839
- ๐ Fix ProviderManager Javadoc typo #8813
- ๐ LoginPageGeneratingWebFilter should honor context path #8810
- ๐ RoleHierarchy is not used by AbstractAuthorizeTag #8681
- ๐ OAuth2AuthorizationCodeGrantWebFilter should handle OAuth2AuthorizationException #8674
โฌ๏ธ ๐จ Dependency Upgrades
- โก๏ธ Update to Spring Ldap 2.3.3 #8943
- โก๏ธ Update to Hibernate Validator 6.0.20 #8942
- โก๏ธ Update to Hibernate Entitymanager 5.3.17 #8941
- โก๏ธ Update to Groovy 2.4.20 #8940
- ๐ Update to Spring Boot 2.1.16.RELEASE #8939
- โก๏ธ Update to Google App Engine 1.9.81 #8938
- โก๏ธ Update to Jackson Databind 2.9.10.5 #8937
- โก๏ธ Update to Project Reactor Californium-SR20 #8936
- โก๏ธ Update to Spring Framework 5.1.17 #8935
- โก๏ธ Update to Spring Data Lovelace-SR19 #8934
๐ฑ โค๏ธ Contributors
๐ We'd like to thank all the contributors who worked on this release!
-
v5.1.11.RELEASE Changes
June 03, 2020๐ฑ โญ New Features
- ๐ HTTP Host header attack #8641
๐ฑ ๐ Bug Fixes
- โ Remove unused field 'digester' in Md4PasswordEncoder #8577
- ๐ ACL : AclImpl.hashCode leads to StackOverflowError #8571
- ๐ Blocking in WebSessionServerCsrfTokenRepository #8546
- ๐ Fix AntPathRequestMatcher Javadoc #8528
- ๐ Document NoOpPasswordEncoder will not be removed #8523
- ๐ Fix non-standard HTTP method for CsrfWebFilter #8517
โฌ๏ธ ๐จ Dependency Upgrades
-
v5.1.10.RELEASE Changes
May 06, 2020๐ฑ โญ New Features
- ๐ BCryptPasswordEncoder.encode() throws NPE #8347
๐ฑ ๐ Bug Fixes
- ๐ Fix Javadoc punctuation #8496
- โ Add ROLE_INFRASTRUCTURE to infrastructure beans #8440
- ๐ SEC-2664: ActiveDirectoryLdapAuthenticationProvider should wrap communication exceptions in InternalAuthenticationServiceException #8431
- ๐ Fix typo with correct capitalization #8410
- ๐ Global ServerSecurityContextRepository ignored by logout #8388
- ๐ Fix example in javadoc of FilterChainProxy #8353
- ๐ Fix typo in Javadoc of ServerHttpSecurity#hasAuthority #8339
- ๐ Java Doc of org.springframework.security.config.annotation.web.builders.HttpSecurity contains grammatical errors #8313
โฌ๏ธ ๐จ Dependency Upgrades
-
v5.1.9.RELEASE Changes
April 01, 2020๐ฑ โญ๏ธ New Features
- ๐ OAuth2LoginAuthenticationProvider uses OAuth2AuthorizationCodeAuthenticationProvider #8236
- ๐ SwitchUserFilter vulnerable to CSRF #8224
- ๐ Update Encryptors documentation for standard and stronger #8215
- ๐ Typo 'properites' -> 'properties' in documentation #8100
- ๐ Typo 'hasPermision()' in GlobalMethodSecurityBeanDefinitionParser.java #8068
- โ Remove unwanted code #7949
๐ฑ ๐ Bug Fixes
- ๐ HttpServletRequest.logout() not functioning #8242
- ๐ oauth2Login WebFlux should not auto-redirect for XHR request #8203
- ๐ Make OAuth2ErrorHttpMessageConverter more resilient #8181
- ๐ Fix typo in Javadoc of HttpSecurity#csrf() #8135
- ๐ Fix typo in AntPathRequestMatcher contructor comment #8046
- ๐ An AuthenticationManager is required. Oauth2ResourceServer + anonymous disable #8043
- ๐ OAuth2 access token response parsing fails with nested JSON object #8022
- ๐ OAuth2AuthorizationCodeGrantWebFilter should also match on query parameters #7968
- ๐ OAuth2AuthorizationCodeGrantFilter should also match on query parameters #7965
โฌ๏ธ ๐จ Dependency Upgrades
- โก๏ธ Update to httpclient 4.5.12 #8294
- โก๏ธ Update to hibernate-validator 6.0.19.Final #8293
- โก๏ธ Update to reactive-streams 1.0.3 #8292
- โก๏ธ Update to hibernate-core 5.2.18.Final #8291
- โก๏ธ Update to groovy 2.4.19 #8290
- โก๏ธ Update to unboundid-ldapsdk 4.0.14 #8289
- โก๏ธ Update to okhttp 3.12.10 #8288
- โก๏ธ Update to mockwebserver 3.12.10 #8287
- โก๏ธ Update to org.powermock 2.0.6 #8286
- ๐ Update to Spring Boot 2.1.13.RELEASE #8285
- โก๏ธ Update to GAE 1.9.79 #8284
- โก๏ธ Update to Reactor Californium-SR17 #8283
- โก๏ธ Update to Spring Data Lovelace-SR16 #8282
- ๐ Update to Spring Framework 5.1.14.RELEASE #8281
- โก๏ธ Update to Jetty 9.4.22.v20191022 #8093
๐ฑ โค๏ธ Contributors
๐ We'd like to thank all the contributors who worked on this release!
-
v5.1.8.RELEASE Changes
February 05, 2020๐ฑ โญ๏ธ New Features
- โ Remove redundant validation for redirect-uri #7708
- ๐ WebClient support should get new access token when expired and client_credentials #7685
๐ฑ ๐ Bug Fixes
- ๐ Default LDIF file not picked up in LDAP "unboundid" mode #7853
- ๐ CompositeServerHttpHeadersWriter Should Execute Sequentially #7735
- ๐ DelegatingServerAuthenticationSuccessHandler Should Execute Sequentially #7730
- ๐ DelegatingServerLogoutHandler Should Execute Sequentially #7727
- ๐ WebFlux oauth2Login returns 500 when bad client credentials #7704
โฌ๏ธ ๐จ Dependency Upgrades
- โก๏ธ Update to Spring Boot 2.1.12 #7923
- โก๏ธ Update to org.slf4j 1.7.30 #7922
- โก๏ธ Update to org.powermock 2.0.5 #7921
- โก๏ธ Update to hibernate-validator 6.0.18.Final #7920
- โก๏ธ Update to hibernate-entitymanager 5.3.15.Final #7919
- โก๏ธ Update to org.bouncycastle:bcpkix-jdk15on 1.64 #7918
- โก๏ธ Update to org.aspectj 1.9.5 #7917
- โก๏ธ Update to httpclient 4.5.11 #7916
- โก๏ธ Update to com.squareup.okhttp3 3.12.8 #7915
- โก๏ธ Update to Jackson 2.9.10 #7914
- โก๏ธ Update to Reactor Californium-SR15 #7913
- โก๏ธ Update to Spring Data Lovelace SR15 #7912
- โก๏ธ Update to Spring Framework 5.1.13 #7911
-
v5.1.7.RELEASE Changes
November 04, 2019๐ฑ โญ๏ธ New Features
- ๐ CookieServerCsrfRepositoryTests should not start domain with a dot #7501
- ๐ Fix docs typo WebSecurityConfigurationAdapter->WebSecurityConfigurerAdapter #7225
๐ฑ ๐ Bug Fixes
- ๐ OAuth2AuthorizationCodeGrantWebFilter should not restrict redirect-uri #7469
- ๐ RequestContextSubscriber could put null value in Reactor Context #7410
- ๐ OAuth2AuthorizationRequest not removed from session #7369
- ๐ InMemoryReactiveClientRegistrationRepository should not use ConcurrentReferenceHashMap #7359
- ๐ NimbusJwtDecoderJwkSupport only sets 'application/json' Accept header #7340
- ๐ SEC-2971: Footnotes are messed up in online docs #7326
- ๐ Confusing example - WebMvcConfigurer vs WebSecurityConfigurerAdapter #7303
- ๐ OnCommittedResponseWrapper fails on static resources served by Tomcat 8.5 #7297
- ๐ Fix WebClient Memory Leaks #7294
- ๐ Ensure filter order is maintained when using springSecurity() along with other filters #7267
- ๐ SessionAuthenticationStrategy make HttpSecurity.sessionManagement().maximumSessions(1) unavailability #7262
- ๐ SEC-2980: Possible race condition in SessionRegistryImpl #7226
-
v5.1.6.RELEASE
August 05, 2019 -
v5.1.5.RELEASE
April 02, 2019 -
v5.1.4.RELEASE
February 13, 2019