ForgeRock Maintenance Release and Patch Policy
The purpose of this article is to provide details on the ForgeRock Maintenance Release and Patch policy.
5 readers recommend this article
The ForgeRock Maintenance Release and Patch policy aligns with the EOSL policy (ForgeRock End of Service Life (EOSL) Policy and EOSL Dates | AM, DS and IDM). Maintenance releases are full releases, built upon a prior Minor or Major release. The contents of Maintenance releases are decided entirely at ForgeRock's discretion, but typically include:
- Fixes for critical and security issues
- Fixes for customer reported issues
- Fixes for non-critical issues backported based on their expected customer impact
- It is vital to maintain the security of your ForgeRock deployment, which includes responding to security advisories and taking immediate action where necessary. Undiscovered vulnerabilities may exist in any software, including the ForgeRock Platform and its components.
- Upgrading to a supported version, and keeping up-to-date with Maintenance releases, is the best way to ensure that you remain secure.
Maintenance releases will be provided for the two most recent releases (Major or Minor) of the current Major version.
(Maintenance releases may be provided for other releases of the current Major version, but this is not guaranteed.)
|Previous Version||Maintenance releases will be provided for the final Minor release until it reaches EOSL.|
For example, AM 7.2 may have subsequent AM 7.2.1 and AM 7.2.2 (and so on) Maintenance releases.
Similarly, AM 8 (once released) may have subsequent AM 8.0.1 and AM 8.0.2 (and so on) Maintenance releases.
A T-Patch may be supplied to an individual customer to address specific critical issues until the fix is available in a Major, Minor or Maintenance release. When these fixes are provided in the latest applicable Maintenance release, customers must move to this release.
(A T-Patch may be provided for other releases of the current Major version, but this is not guaranteed.)
|Previous Version||A T-Patch may be provided for the final Maintenance release, but this is not guaranteed.|
|Critical Issue||A critical issue is one where the impact on a customer deployment could potentially be severe.|
|Non-Critical Issue||A non-critical issue is one where the severity of the impact of the issue would be such that it could delay or inconvenience customers without putting their systems at risk of disruption.|
|Security Issue||A security issue is one that meets the definition of ForgeRock's Security Policy. Security issues have four levels: Critical, High, Medium and Low; these levels are defined in the Security Policy.|
|End of Service Life (EOSL)||The EOSL policy describes the different types of releases and the duration of support available: ForgeRock End of Service Life (EOSL) Policy and EOSL Dates | AM, DS and IDM.|
|Backport||A backport is where an issue that has been fixed in a newer version of the product is made available in an older version of the product.|
ForgeRock End of Service Life (EOSL) Policy and EOSL Dates | AM, DS and IDM