Red Hat Single Sign-On 7.5 Update 2 Release Notes
This software patch resolves a number of security defects and customer reported bugs in Red Hat Single Sign-On 7.5. RH-SSO will deliver patches on a repeating schedule to resolve security defects and customer reported bugs. Fixes for RH-SSO 7.5 will continue until RH-SSO 7.6 is released, and at that time maintenance will be delivered on RH-SSO 7.6.
Updated client adapters are released as needed to resolve customer reported issues or security fixes. Because adapters are released only as needed, a given cumulative patch version often will not have an associated client adapter for all products.
The Red Hat Single Sign-On Server component also includes Red Hat JBoss Enterprise Application Platform, and this update includes JBoss Enterprise Application Platform 7.4 Update 3 and Update 4. See the JBoss Enterprise Application Platform 7.4 Update 3 Release Notes and JBoss Enterprise Application Platform 7.4 Update 4 Release Notes for a list of changes included in those releases.
Download Red Hat Single Sign-On 7.5 Update 2
Resolved Issues
This update includes fixes for the following security related issues:
| ID | Component | Summary |
|---|---|---|
| CVE-2021-45105 | Server | log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern |
This update includes the following bug fixes or changes:
| ID | Component | Summary |
|---|---|---|
| RHSSO-1881 | Server - Storage | deleteExpiredClientSessions very slow on MariaDB |
| RHSSO-1868 | Core | ClassLoaderTheme and ClasspathThemeResourceProviderFactory allows reading any file available as a resource to the classloader |
| RHSSO-1891 | Container - Operator | Operator productisation process to update PodLabels constant for Metering |
| RHSSO-1864 | Server | Show sessions functionality does not work consistently |
| RHSSO-1871 | Server | Add database index to benefit ServiceAccount enabled clients |
| RHSSO-1884 | Admin - Console, OIDC | OpenID Connect Front-Channel Logout support |
| RHSSO-1914 | OIDC | Implement support frontchannel logout on openid-connect |
| RHSSO-1906 | Documentation | TOTP look ahead window is actually a look behind window |
| RHSSO-1926 | Server | Cannot migrate from RH-SSO 7.5.0 to more recent versions of the product in domain mode |
| RHSSO-1913 | Server | Backward compatibility for lower-case bearer type in token responses |
| RHSSO-1927 | Container - Operator | Missing password on user credentials. Allow user password to be auto-generated or set from secret |
| RHSSO-1942 | Server | Save Button Enabled For Empty Attributes |
| RHSSO-1954 | Documentation | RPM upgrade from RH-SSO 7.4 to RH-SSO 7.5 failing |
Installation
Note: This update should only be applied to zip-based installations.
For instructions on applying a Red Hat Single Sign-On cumulative patch (also referred to as a Micro Release), see Micro Upgrades in the Red Hat Single Sign-On 7.5 Patching And Upgrading Guide.
The adapters are distributed as a full release, which is intended to replace the existing adapter. Full details are available in Upgrading Red Hat Single Sign-On Adapters.