This release of the PingDirectory Server addresses critical issues from earlier versions. Update all affected servers appropriately.
No critical issues have been identified
The following issues have been resolved with this release of the PingDirectory Server:
Fixed an issue that could cause the server to generate an administrative alert about an uncaught exception when trying to send data on a TLS-encrypted connection that is no longer valid.
Changed a validator error to a warning since it was deemed to be relatively harmless. The validator error was "Validator Error: The server experienced an unexpected error. Please report this problem and include this log file. Received an update requiring replication assurance, but without a location option"
Fixed an issue in which the Directory REST API could fail to decode certain credentials when using basic authentication.
Fixed a bug where restoring an incremental backup could result in the server not being able to start.
Updated the system information monitor provider to restrict the set of environment variables that may be included. Previously, the monitor entry included information about all defined environment variables, as that information can be useful for diagnostic purposes. However, some deployments may include credentials, secret keys, or other sensitive information in environment variables, and that should not be exposed in the monitor. The server will now only include values from a predefined set of environment variables that are expected to be the most useful for troubleshooting problems, and that are not expected to contain sensitive information.
The Security Guide is now available online at pingidentity.com and has been removed from the server packaging.