diff --git a/docs/simplesamlphp-changelog.md b/docs/simplesamlphp-changelog.md index f031b49131d5289b3d8d10da93346ac4d5280116..d9be80831af7d3b3142536d32a5abc7f6136da04 100644 --- a/docs/simplesamlphp-changelog.md +++ b/docs/simplesamlphp-changelog.md @@ -8,19 +8,20 @@ See the upgrade notes for specific information about upgrading. ## Version 1.17.3 -Released TBD +Released 2019-07-10 + * Resolved a security issue that could lead to a reflected XSS. See + [SSPSA 201907-01](https://simplesamlphp.org/security/201907-01). * Add new options `session.cookie.samesite` and `language.cookie.samesite` that can be used to set a specific value for the cookies' SameSite attribute. The default it not to set it. * Upgraded jQuery to version 3.4. + * HHVM is no longer supported. * Fixed a bug (#926) where dynamic metadata records where not loaded from a database. - * Removed HHVM from Travis; it is broken beyond repair and no longer supported by Symfony. - * Fixed a minor GUI glitch in auth_status.twig. * Fixed an issue when an error occurs during a passive authentication request. - * Handle duplicate insertion also for SQL Server. + * Handle duplicate insertions for SQL Server. * Fix a bug in Short SSO Interval warning filter. - * Apply workaround for SIGSEGVs on session creation with PHP 7.3. + * Apply a workaround for SIGSEGVs during session creation with PHP-FPM 7.3. ### adfs * Fixed a missing option to supply a passphrase for the ADFS IDP signing certificate. @@ -32,7 +33,7 @@ Released TBD A migration guide for LinkedIn authentication is included in their README. ### saml - * Added support for per-IDP configurable AuthnContextClassRef/AuthnContextComparison. + * Added support for per-IDP configurable `AuthnContextClassRef`/`AuthnContextComparison`. ## Version 1.17.2