PingFederate 10.3.5 is a cumulative maintenance release for PingFederate 10.3. For a summary of the features introduced in the 10.3 release, see PingFederate 10.3 - June 2021.
Resolved issues
Ticket ID | Description |
---|---|
PF-30272 |
Reduced memory usage during certificate revocation list (CRL) parsing, which speeds up CRL retrieval and avoids memory exhaustion in the case of very large CRLs. |
PF-30450 |
Resolved a potential security vulnerability that is described in security bulletin SECBL021. |
PF-30536 |
Resolved a potential security vulnerability by updating Apache Log4j2 to version 2.17.1. |
PF-30567 |
Fixed a case where the expiry period for SSO transaction state would not be enforced if the server was idle and no new transactions had been initiated since a transaction expired. |
PF-30637 |
Resolved an issue that caused certificate revocation list (CRL) checks to return "issuer not found in trusted CAs store" even though the issuer certificate is present. |