16.0.3
What's Changed
- Update target JDK to 11 and move to JakartaEE 9 by @maximthomas in #889
- Add support LTS JDK 25 by @vharseko in #924
- Update base docker image Java version to 25 LTS by @maximthomas in #927
- CVE-2023-45133: Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code by @maximthomas in #922
- CVE-2024-53382 PrismJS DOM Clobbering vulnerability (update swagger-ui) by @maximthomas in #923
- CVE-2025-64099 Using arbitrary OIDC requested claims values in id_token and user_info is allowed
- Fix OAuth2 issues: Restore 'none' token endpoint auth method. Do not add default openid scope if non-empty. by @maximthomas in #926
- Shade BC libs to avoid conflict with BC FIPS by @maximthomas in #930
- [#931] Update OpenDMK external library to fix SNMP monitoring by @maximthomas in #932
- Update org.openidentityplatform.opendj to 5.0.1 by @vharseko in #933
- Fix documentation auth modules duplicate attributes by @maximthomas in #921
- Build & deploy: add branch sustaining/15.2.x by @vharseko in #925
- Set the project version for transformed artifacts. by @maximthomas in #934
Full Changelog: 15.2.2...16.0.3
Contributors
vharseko and maximthomas