This release brings a host of significant improvements, focusing on security, performance, and functionality. Key highlights include enhanced QR code synchronization, critical security updates, and improved SAML support. These changes reflect our ongoing commitment to providing a secure, efficient, and user-friendly platform.
Highlights:
- Improved QR Code Synchronization (PHX-3475): We have completely revamped the QR code sync implementation, allowing for flexible polling intervals. This ensures that BankID QR codes remain in sync, providing a seamless authentication process.
- Security Enhancements (PHX-3481, PHX-3674): We have addressesd and mitigated several security vulnerabilities (CVE-2020-23064, CVE-2020-11022, CVE-2020-11023, CVE-2019-11358, CVE-2021-23337, CVE-2020-28500, CVE-2024-34342 and CVE-2024-4367). These updates significantly bolster the security of our platform, ensuring a safer environment for our users.
- Enhanced SAML Support (PHX-3494, PHX-3495, PHX-3496, PHX-3497): We have resolved several issues related to SAML bindings and signatures. Our SAML Service Provider (SP) and Identity Provider (IdP) can now handle inbound Redirect-binding for deflated requests, verify detached signatures, and ensure valid signatures on SAMLResponses. These enhancements improve the reliability and security of our SAML integrations.
For a detailed list of all changes and improvements, please read more on our release notes page.