github spring-projects/spring-security 5.3.8.RELEASE

latest releases: 6.4.1, 5.7.14, 5.8.16...
3 years ago

This release fixes a problem with the release of 5.3.7.

⭐ New Features

  • Improve HttpSessionSecurityContextSessionRepository Performance #9391
  • Improve HttpSessionSecurityContextSessionRepository Performance #9389
  • Migrate SAML 2.0 Samples to Use PCFOne #9370
  • Resolve artifacts from Maven Central first #9368
  • Use constant time comparisons for CSRF tokens #9358

🪲 Bug Fixes

  • Fix the 5.3.7.RELEASE
  • OAuth2ResourceServerSpecTests and OAuth2WebClientControllerTests fail #9427
  • CurrentSecurityContextArgumentResolver should configure BeanResolver #9405
  • Fix beanResolver missing in CurrentSecurityContextArgumentResolver. #9404
  • Remove notEmpty check for authorities in DefaultOAuth2User #9397
  • Wrong example name in Spring Security documentation #9384
  • CsrfWebFilter creates CsrfException with incorrect message when no token is found #9339
  • webflux-x509 sample cert needs renewal #9323
  • OidcIdToken cannot be serialized to JSON if token contains claim of type JSONArray #9259

Don't miss a new spring-security release

NewReleases is sending notifications on new releases.