Skip to content

v1.3.8
Compare
Choose a tag to compare
@coudot coudot released this 06 Sep 14:37
· 41 commits to master since this release
v1.3.8
7ca741e

⚠️ This release contains fixes for CVE-2020-16093, which concerns LDAP server certificate verification when using LDAPS.

💡 Verification is now forced by default. This behavior can be changed with ldapVerify parameter (set it to allow for example), but this should be a temporary workaround, the good solution is to correctly configure SSL certificate verification.

📃 Changelog:

  • Add ldapVerify option for SSL cert validation (#25)
  • Improve logs (#26)
  • Fix ldap+tls:// regression in 1.3.6 (#27)
  • Add specific error handling for old versions (#28)
Assets 2
Loading