The following issues were fixed in this release:
AMAGENTS-4788: WPA doesn’t delete session tracking cookie when running in accept.sso.token mode
AMAGENTS-4737: WPA does not support TLS handshake Server Name Indication extension
AMAGENTS-4716: Agent does not handle SSO tracking cookie enclosed in double quotes
AMAGENTS-4687: Web Agent 5.9.0 crash if configuration fetch fails.
AMAGENTS-4545: nginx agent can crash if graceful restart (reload) is used with load testing.
AMAGENTS-4539: IIS Web Agent doesn’t log reason why PDP file deletion fails.
ForgeRock issues security advisories in collaboration with our customers and the open source community to address any security vulnerabilities transparently and rapidly.
ForgeRock’s security advisory policy governs the process on how security issues are submitted, received, and evaluated as well as the timeline for the issuance of security advisories and patches.
For details of all the security advisories across ForgeRock products, see Security Advisories in the Knowledge Base library.