Fixes

For information about security issues fixed in this release, see Security Advisories.

Fixes in Java Agent 5.9.1

The following issues were fixed in this release:

  • AMAGENTS-4667: Bug in i18n not-enforced pattern matching

  • AMAGENTS-4655: Align functionality with WPA with regards fragment handling cookie enhancement

  • AMAGENTS-4647: Split out the extended character not enforced bug fix

Fixes in Java Agent 5.9

The following issues were fixed in this release:

  • AMAGENTS-4427: Agent can’t cope with extended characters in the Agent realm

  • AMAGENTS-4424: Agent fails to specify OIDC client when extended characters are used in the Agent profile name

  • AMAGENTS-4423: Installer fails to write extended character profile name into bootstrap properties

  • AMAGENTS-4409: Address Agent session timeout problem when notifications are disabled

  • AMAGENTS-4336: Code around the AM agent token expired problem when getting the session info

  • AMAGENTS-4333: After upgrading to JEE Agent 5.7.0 (from Agent 3.5), agent behavior changes from catch AgentException to catch all Exception

  • AMAGENTS-4312: HTTP_HEADER fetch mode ignores everything but first value

  • AMAGENTS-4311: Redirect loop faced during session upgrade with AcceptSSOToken mode enabled.

  • AMAGENTS-4204: Fragments feature does not work with transaction policy

  • AMAGENTS-4196: When profile attribute is not found agent should continue authorization.

  • AMAGENTS-4177: Cookie Fetch attribute mode does extra request

  • AMAGENTS-4113: Reintroduce the original service resolver property

  • AMAGENTS-4077: Fix Port check regression and make it work in non sso-only mode.

Security Advisories

ForgeRock issues security advisories in collaboration with our customers and the open source community to address any security vulnerabilities transparently and rapidly.

ForgeRock’s security advisory policy governs the process on how security issues are submitted, received, and evaluated as well as the timeline for the issuance of security advisories and patches.

For details of all the security advisories across ForgeRock products, see Security Advisories in the Knowledge Base library.