diff --git a/docs/simplesamlphp-changelog.txt b/docs/simplesamlphp-changelog.txt index bbce021e91b53faa9a35048c092c9e942fbce5c6..2f67f921d1cd940a03250793b9607b36ee981ef7 100644 --- a/docs/simplesamlphp-changelog.txt +++ b/docs/simplesamlphp-changelog.txt @@ -6,6 +6,58 @@ simpleSAMLphp changelog This document lists the changes between versions of simpleSAMLphp. See the upgrade notes for specific information about upgrading. +## Version 1.13 + +Released TBD. + + * Added the 'remember me' option to the default login page. + * Improved error reporting. + * Added a new 'logging.format' option to control the formatting of the logs. + * Added support for the 'objectguid' binary attribute in LDAP modules. + * Added support for custom search and private attributes read credentials in all LDAP modules. + * Added support for the WantAuthnRequestsSigned option in generated SAML metadata. + * Tracking identifiers are no longer generated based on MD5. + * Several functions, classes and interfaces marked as deprecated. + * Bug fixes and documentation enhancements. + * Updated translations. + +### `adfs` + + * Honour the 'wreply' parameter when redirecting. + +### `aggregator` + + * Fixed an issue when regenerating metadata from certain metadata sources. + +### `discopower` + + * Bug fix. + +### `expirycheck` + + * Translations are now possible for this module. + +### `metarefresh` + + * Use cached metadata if something goes wrong when refreshing feeds. + * Discard only offending entities instead of entire aggregates when metadata parsing goes wrong. + +### `openidProvider` + + * Fix for compatibility with versions of PHP greater or equal to 5.4. + +### `saml` + + * Make it possible to add friendly names to attributes in SP metadata. + * The RSA_1.5 (RSA with PKCS#1 v1.5 padding) encryption algorithm is now blacklisted by default for security reasons. + * Stop checking the 'IDPList' parameter in IdPs. + * Solved an issue that allowed bypassing authentication status checks when presenting an 'IDPList' parameter. + * The 'Destination' attribute is now always sent in logout responses issued by an SP. + +### `sqlauth` + + * Updated documentation to remove bad practice with regard to password storage. + ## Version 1.12 Released 2014-03-24.