Tuesday, April 29, 2014

OpenAM 11.0.1 and Policy Agent 3.3.1 released!

Last night, ForgeRock released OpenAM 11.0.1 and Policy Agent 3.3.1 at the same time!


Earlier today we released an important maintenance and security release available for OpenAM 11.0 as well as earlier versions of OpenAM 10.0.x and 9.5.x. These include fixes that address critical security issues such as Denial of Service attacks and SQL Injection attacks.  
.... 
ForgeRock strongly recommends that all customers update their OpenAM deployments with the updated security patches at the earliest opportunity. We appreciate the contribution from our customers and community members that help us to build the best, most secure product. 




If you are a paid customer and on the latest release of OpenAM, the patch is fairly simple.

  1. Download the appropriate jar for your OpenAM version
  2. Restart your application server


Done. As simple as that. (Well, this is where I feel paid customers should enjoy this convenient service from ForgeRock. Honestly.)


For Policy Agent 3.3.1, the following is the key fixes made:




You can read the Policy Agent 3.3.1 Release Note here.



No comments:

Post a Comment