This release of the PingDirectoryProxy Server addresses critical issues from earlier versions. Update all affected servers appropriately.
No critical issues have been identified
The following issues have been resolved with this release of the PingDirectoryProxy Server:
Fixed an issue that could cause the server to generate an administrative alert about an uncaught exception when trying to send data on a TLS-encrypted connection that is no longer valid.
Fixed an issue in which the Directory REST API could fail to decode certain credentials when using basic authentication.
Updated the system information monitor provider to restrict the set of environment variables that may be included. Previously, the monitor entry included information about all defined environment variables, as that information can be useful for diagnostic purposes. However, some deployments may include credentials, secret keys, or other sensitive information in environment variables, and that should not be exposed in the monitor. The server will now only include values from a predefined set of environment variables that are expected to be the most useful for troubleshooting problems, and that are not expected to contain sensitive information.
The Security Guide is now available online at pingidentity.com and has been removed from the server packaging.