PingFederate 11.3.5 (February 2024) - PingFederate - 11.3

PingFederate Server

bundle
pingfederate-113
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.3
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-113
pingfederate
ContentType_ce
Guide
Product documentation
Guide > Administrator Guide

Potential security vulnerability

SecurityPF-34720

Fixed a potential security vulnerability that will be described in a future security advisory.

Potential security vulnerability

SecurityPF-34896

Fixed a potential security vulnerability that will be described in a future security advisory.

Potential security vulnerability

SecurityPF-35081

Fixed a potential security vulnerability that will be described in a future security advisory.

GET SAML request signature processing error

FixedPF-34641

Fixed a defect where SAML request using HTTP GET method with multiple signature-related parameters encoded in the RelayState parameter were causing errors in processing signature validation.

NPE notification error

FixedPF-34813

Fixed a defect that caused PingFederate to issue null pointer exception (NPE) errors when querying the token endpoint.

Reencyption causes connection or client to fail on engine

FixedPF-34409

Fixed a defect where changes made on the administrative console were not replicated to the engine during reencryption.

JMX registration failure for imported archives

FixedPF-34796

Fixed a defect that caused the JMX monitoring to fail to register archive files that are imported to PingFederate.

Content type changes if well_known endpoint response is too large

FixedPF-34865

Fixed a defect that caused the content-type of a response from the well_known endpoint to change from JSON to HTML if a response is too large.

RHEL 8 using OS-level FIPS causes PingFederate failure

FixedPF-34879

Fixed a defect that caused PingFederate to fail on startup when installed on a Red Hat Enterprise Linux (RHEL) server with OS-levels FIPS enabled.

Unable to deobfuscate grant attributes

FixedPF-34839

Fixed a defect where PingFederate was unable to deobfuscate grant attributes of a certain length.

Valid Authorization policy generates "Configuration Error" message

FixedPF-34853

Fixed a defect that caused PingFederate to incorrectly return an "Invalid Configuration" error for a valid authentication policy.