v75.14.0 - UAA Release v75.14.0
·
2095 commits
to develop
since this release
Security Fixes
- Bump to UAA v75.14.0, which:
- Addresses CVE with Log4j library and its prior incomplete fix by bumping to log4j2
2.17.1 - Upgrades Newrelic to version 7.5.0
- Fixes an issue where the previous fix for CVE-2021-22098 can be bypassed by using multiple '@' chars in the redirect URI for some endpoints PR