Support
ForgeRock Identity Platform
Does not apply to Identity Cloud

ForgeRock Maintenance Release and Patch Policy

Last updated Nov 29, 2022

The purpose of this article is to provide details on the ForgeRock Maintenance Release and Patch policy.


5 readers recommend this article

Overview

The ForgeRock Maintenance Release and Patch policy aligns with the EOSL policy (ForgeRock End of Service Life (EOSL) Policy and EOSL Dates | AM, DS and IDM). Maintenance releases are full releases, built upon a prior Minor or Major release. The contents of Maintenance releases are decided entirely at ForgeRock's discretion, but typically include:

  • Fixes for critical and security issues
  • Fixes for customer reported issues
  • Fixes for non-critical issues backported based on their expected customer impact
Security Note
  • It is vital to maintain the security of your ForgeRock deployment, which includes responding to security advisories and taking immediate action where necessary. Undiscovered vulnerabilities may exist in any software, including the ForgeRock Platform and its components.
  • Upgrading to a supported version, and keeping up-to-date with Maintenance releases, is the best way to ensure that you remain secure.

Maintenance Releases

Versions Maintenance Releases
Current Versions

Maintenance releases will be provided for the two most recent releases (Major or Minor) of the current Major version.

(Maintenance releases may be provided for other releases of the current Major version, but this is not guaranteed.)

Previous Version Maintenance releases will be provided for the final Minor release until it reaches EOSL.

For example, AM 7.2 may have subsequent AM 7.2.1 and AM 7.2.2 (and so on) Maintenance releases.

Similarly, AM 8 (once released) may have subsequent AM 8.0.1 and AM 8.0.2 (and so on) Maintenance releases.

Patches

Versions Patches
Current Versions

A T-Patch may be supplied to an individual customer to address specific critical issues until the fix is available in a Major, Minor or Maintenance release. When these fixes are provided in the latest applicable Maintenance release, customers must move to this release.

(A T-Patch may be provided for other releases of the current Major version, but this is not guaranteed.)

Previous Version A T-Patch may be provided for the final Maintenance release, but this is not guaranteed.

Definitions

Term Definition
Critical Issue A critical issue is one where the impact on a customer deployment could potentially be severe.
Non-Critical Issue A non-critical issue is one where the severity of the impact of the issue would be such that it could delay or inconvenience customers without putting their systems at risk of disruption.
Security Issue A security issue is one that meets the definition of ForgeRock's Security Policy. Security issues have four levels: Critical, High, Medium and Low; these levels are defined in the Security Policy.
End of Service Life (EOSL) The EOSL policy describes the different types of releases and the duration of support available: ForgeRock End of Service Life (EOSL) Policy and EOSL Dates | AM, DS and IDM.
T-Patch A T-Patch represents a temporary fix to a specific issue or set of issues that is provided to a specific ForgeRock customer separately from a maintenance release where the format may differ between products. T-Patches must NOT be shared with other customers.
Backport A backport is where an issue that has been fixed in a newer version of the product is made available in an older version of the product.

See Also

ForgeRock End of Service Life (EOSL) Policy and EOSL Dates | AM, DS and IDM

ForgeRock Products Support and Patch Policies


Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.