The release fixes the following important bugs:

  • OPENDJ-7928: JSON normalization cannot handle nested arrays

  • OPENDJ-7905: Schema replication error after upgrade

  • OPENDJ-7867: NPE if dsbackup bucket name contains underscores

  • OPENDJ-7851: Supportextract tool: clobbers the server.out filehandle when kill -3 is used.

  • OPENDJ-7847: StaticGroup’s objectclass sanity checks are unhelpful

  • OPENDJ-7810: JMX connections are always considered insecure

  • OPENDJ-7761: DS sporadically hangs while reconnecting to an RS

  • OPENDJ-7758: DS 7.0 dsrepl add-local-server-to-pre-7-0-topology: NPE if master-key is in different keystore

  • OPENDJ-7747: ldapmodify display full stack exception on LDIF errors if connection is already established

  • OPENDJ-7737: ConfigurationFramework#initialize0 changes the class loader without clearing the map of registered jar files

  • OPENDJ-7699: Supportextract throws NoSuchElementException when the file is empty

  • OPENDJ-7689: dsrepl add-local-server-to-pre-7-0-topology does not tolerate separate keystore and truststore

  • OPENDJ-7687: Global Access Control Policy regarding cn=schema is too restrictive

  • OPENDJ-7674: Migrating encrypted changelog files during upgrade fails

  • OPENDJ-7655: Replaying multiple MODIFYDN operations is very slow

  • OPENDJ-7612: replication divergence on CTS in the cloud

  • OPENDJ-7599: Cannot add a pre-encoded password to an entry without an existing password

  • OPENDJ-7554: Windows: Secrets not retrieved from :file command-line arguments

  • OPENDJ-7523: Example plugin and example pwdscheme pom.xml are missing correct revision

  • OPENDJ-7513: Missing subSchemaSubEntry attribute from rootDSE access controls

  • OPENDJ-7481: JSON logs do not contain proxy auth DN

  • OPENDJ-7474: Docker sample provides wrong instructions for running the container

  • OPENDJ-7450: The startswith (sw) operator on indexed JSON attribute is slow

  • OPENDJ-7443: AM Identity Store 7.0 Setup profile missing "push2faEnabled" attribute

  • OPENDJ-7436: Backup to the cloud takes too much time

  • OPENDJ-7322: IndexOutOfBoundsException while configuring max-replication-delay-health-check

  • OPENDJ-7288: LDAPS Handlers "SelectorRunner" thread hangs up in Grizzly SSLUtils.sslEngineUnwrap

  • OPENDJ-5927: Server stuck on a DS trying to reconnect to an RS

Security Advisories

ForgeRock issues security advisories in collaboration with our customers and the open source community to address any security vulnerabilities transparently and rapidly.

ForgeRock’s security advisory policy governs the process on how security issues are submitted, received, and evaluated as well as the timeline for the issuance of security advisories and patches.

For details of all the security advisories across ForgeRock products, see Security Advisories in the Knowledge Base library.