Skip to content

4.16.0

Choose a tag to compare

View all tags
@gematik1 gematik1 released this 26 Mar 10:26
· 4 commits to master since this release
4.16.0
156f785
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

4.16.0

This release fixes two critical security vulnerbilities. We encourage anyone to update as soon as possible
GHSA-qg87-cf56-2rmr
GHSA-mjgm-7hwc-qqcr

We also refer you to the gematik Fachportal for more information
https://fachportal.gematik.de/telematikinfrastruktur/komponenten-dienste/authenticator

Added

  • Konnektor Gateway sample for connector.sds adjustments regarding Konnektor URLs
  • Konnektor gateway sample kubernetes setup from a real hospital environment added
  • Display a optional warning if a card is expired or about to expire in Auth flow and ECC test
  • Show a FAQ button in Function Test dialog if a possible solution is available
  • Package for better web accessibility
  • Show warning when mock konnektor certificates are expired or not valid yet

Fixed

  • Auto update functionality is removed due to Microsoft/Apple Store usage
  • Brainpool Support for TLS connections to the connector
  • The Authenticator now closes after a successful authentication instead of minimizing to the taskbar
  • Delete obsolete functions and clean up
  • Remove certificate retrieval from OS (Win/Mac) trust stores for Konnektor communication
  • Remove unneeded connector certificates
  • Show a relevant error message when the PinStatus returns error
  • Show the file input required warning in the correct position.

Security

  • Login consent dialog with security hint to protect users against phishing and unauthorized authentication requests.
  • TLS cipher suites for Konnektor communication is restricted to modern and secure ones
Assets 8
Loading