See below on this page for v2.6 release notes (v2.6 build info)
v2.6 builds
These will be marked as stable once they are out for a while without issue and/or as people start using these in production. This is a judgment call by the Grouper team. If you are using a new release please inform us so we can provide better advice.
** As of March 2023, Grouper v4 is the stable no-enhancement version of v2.6 **
Date | Container tag (version) | Status | Upgrade instructions | Versions | Enhancements and bugs fixed in this version, known issues with this version |
|---|---|---|---|---|---|
| 2023/03/13 | Use v4 instead of 2.6... | ||||
| 2022/12/21 | i2incommon/grouper:2.6.19 sha256:9ac3b6d873ab3538 | EXPIRED | None | Shib: 3.4.0 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_352 | 23 Jiras |
| 2022/11/29 | i2incommon/grouper:2.6.18.1 sha256:0ca5989cd63f1576b | EXPIRED | None | Shib: 3.4.0 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_352 | Upstream SP container pointed to new version |
| 2022/11/17 | i2incommon/grouper:2.6.18 sha256:50061942017bb28d | EXPIRED | 2 from v2.6.17 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_352 | 37 Jiras Upgrade jsoup and jackson for CVE Allow institution specific external systems and provisioners MidPoint metadata Configuration screen multi-delete |
| 2022/11/15 | i2incommon/grouper:2.6.17.2 sha256:f7ec989f43a0e6649 | EXPIRED | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_352 | 1 Jira |
| 2022/11/05 | i2incommon/grouper:2.6.17.1 sha256:028315f0041149187 | EXPIRED | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_352 | 2 Jiras |
| 2022/11/01 | i2incommon/grouper:2.6.17 sha256:e778807b1ac63440 | EXPIRED | 2 from v2.6.16 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_352 | 37 Jiras SCIM v2 service rewrite MidPoint provisioner Azure throttling Upgrade libraries with CVEs Do not select all memberships from target if not needed Point In Time improvements By default only delete memberships in provisioning target that Grouper tracks |
| 2022/09/30 | i2incommon/grouper:2.6.16.2 sha256:4207cbc274502d2d0 | EXPIRED | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_342 | Fixes some container issues |
| 2022/09/22 | i2incommon/grouper:2.6.16.1 sha256:a92e4cc08ad4be93 Fixes default log level from 2.6.16 | EXPIRED | 3 from v2.6.14 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_342 | 56 Jiras Run rule if condition with grouper session running with actAs subject Add threads to provisioner actions Make sure batch sizes in azure provisioner are the max they can be Membership requirements enforce eligibility by folder Fix container logging to pipe/file and ENV/USERDATA Add id_index to the members table Add oidc to grouper ui Make findBadMemberships full daemon scale for missing composites |
| 2022/08/15 | i2incommon/grouper:2.6.15.1 if 2.6.15 has issues starting... i2incommon/grouper:2.6.15 sha256:13adebfd7972556d66 | EXPIRED | 1 from v2.6.14 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_342 | 17 Jiras Fix issues with Azure provisioner Generic improvements on provisioning framework Clickable provisioning error message to go to problem config Provisioning UI improvements |
| 2022/08/10 | i2incommon/grouper:2.6.14 sha256:ecfeb825cc9333c505c | EXPIRED Provisioning issues... | 3 from v2.6.13 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_342 | 49 Jiras Add provisioning logs to daemon DB logs (can see in UI) Add readSelf group privilege Improve searching and sorting in provisioning Various fixes to Azure provisioner Various fixes to Google provisioner Make sure dont need to be root to assign/read provisionable Upgrade various third party libraries with security advisories |
| 2022/07/26 | i2incommon/grouper:2.6.13 sha256:45368d7f4b5ad33ed0 | EXPIRED | 1 from v2.6.10 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_342 | 39 Jiras |
| 2022/07/20 | i2incommon/grouper:2.6.10 | NOT STABLE Provisioning issues... | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_342 | 54 Jiras Remove unneeded cross joins from membership queries (performance improvement) Trace memberships timeline should show states for additional groups found in events DN override ldap use case (select all groups should select overridden groups) Provisioning membership foreign key blank gives issues Provisioner succeeds when there are errors, should be an error in daemon Add sftp delimited file to SQL job Search/match for groups/entities on multiple attributes and past values Simplify azure provisioning group types Daemon summary should have drop down for run, edit, etc |
| 2022/06/07 | i2incommon/grouper:2.6.9 current: sha256:fa47a3f569b33 initial: sha256:1980818e0be7e482cb | NONPROD RELEASE | 2 from v2.6.8 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_332 | 101 Jiras Trace membership improvements Start with / scaffolding Refactor provisioning framework configuration Import newlines in configuration Assign enabled / disabled dates during membership add |
| 2022/03/02 | i2incommon/grouper:2.6.8 sha256:1ca28adf3efed3ff52 59fe39f69d121b9e4ad657c b6edf573b3fb3d6e36aa112 | EXPIRED | 3 from v2.6.7.1 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_322 | 39 Jiras Fix performance issue Fix template config key issue Easily edit certain attributes on group edit screen SQL provisioner refactor Provisioning matching attribute is implicitly required Allow custom appenders and loggers in log4j2.xml file Allow dynamic logging config without restart Fix provisioning counts Loader for Duo users Example for loading groups from WS |
| 2022/02/25 | i2incommon/grouper:2.6.7.1 sha256:c832485253e206ea7 3b5a99c053be19db4d837ee e3bc206c966e8bd34d5acef2 | NOT STABLE | 2 from v2.6.7 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_322 | 1 Jira |
| 2022/02/18 | i2incommon/grouper:2.6.7 sha256:e663dea8c6b97d849 1415bab7f86b44aa4d86f17 4e522d2d9687a5f5bf6e09fb | NOT STABLE | 1 from v2.6.6 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_322 | 11 Jiras Logging jar issue Stem view priv doesnt work Precompute stem view privileges for selected users Upgrade MySQL driver |
| 2022/02/16 | i2incommon/grouper:2.6.6 sha256:834a03d8baa2b5e2a a09c137ca378a795fde9dc12 cc11d70fbdb641e76500331 | NOT STABLE | 4 from v2.6.5 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_322 | 64 Jiras Postgres driver security issue Log4j 1x replaced with secure Log4j 2x Add STEM VIEW privilege and default to people seeing stems they should with high performance Add google provisioner Add Duo "admin role" provisioner ABAC / JEXL scripted groups first pass Add subject_identifer0, subject_identifier1, and subject_email0 to members table Grouper failsafes on loader and provisioning GSH templates are available on group action menu (previously only folders) Action menus re-organized "Copy folder" improvements Subject API attributes can be secured by group Opt-in / opt-out improvements Add OSGI to Grouper |
| 2021/12/20 | i2incommon/grouper:2.6.5.3 sha256:5a22fdf5223054a7ee da0a5a51e2c28e39a7107b82 548131f0958e6696f34f69 | EXPIRED | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_312 | Log4j security problem fixed (again, again)! [root@0c8d8738e95a bin]# echo $GROUPER_CONTAINER_VERSION 2.6.5.3 [root@0c8d8738e95a bin]# ls /opt/tomee/bin/log4j* /opt/tomee/bin/log4j-api-2.17.0.jar /opt/tomee/bin/log4j-core-2.17.0.jar /opt/tomee/bin/log4j-jul-2.17.0.jar |
| 2021/12/16 | i2incommon/grouper:2.6.5.2 sha256:7cfc81bc63361e018d 4df6f90bbdba646cb46ab3b 8ad1961907e2955b9c0657d | EXPIRED Log4j security problem (log4j v2.16.0) | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_312 | Log4j security problem fixed (NOT)! [root@0c8d8738e95a bin]# echo $GROUPER_CONTAINER_VERSION 2.6.5.2 [root@0c8d8738e95a bin]# ls /opt/tomee/bin/log4j* /opt/tomee/bin/log4j-api-2.16.0.jar /opt/tomee/bin/log4j-core-2.16.0.jar /opt/tomee/bin/log4j-jul-2.16.0.jar |
| 2021/12/10 | i2incommon/grouper:2.6.5.1 sha256:b682761bba2257cf5 0fb0f86dbf7f7e1e6e271ffeb b312097e9017ef2ffd2190 | EXPIRED Log4j security problem (log4j v2.15.0) | None | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_312 | Log4j security problem fixed (NOT)! [root@0c8d8738e95a bin]# echo $GROUPER_CONTAINER_VERSION 2.6.5.1 [root@0c8d8738e95a bin]# ls /opt/tomee/bin/log4j* /opt/tomee/bin/log4j-api-2.15.0.jar /opt/tomee/bin/log4j-core-2.15.0.jar /opt/tomee/bin/log4j-jul-2.15.0.jar |
| 2021/12/09 | i2incommon/grouper:2.6.5 | EXPIRED Log4j security problem | 1 from v2.6.4 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_312 | 32 Jiras SQL provisioning Provisioning diagnostics improvements "Replace members" improvements Remove hsqldb from Grouper GrouperSystem password can be an environment variable Improved and standardized HTTP and SFTP proxy support Provisioning logging is fixed |
| 2021/10/20 | i2incommon/grouper:2.6.4 sha256:de464e131a0abde51 f91bca23a0200e6fd876dc4d 6586ff86b8b73636ae15308 | EXPIRED Log4j security problem Provisioning logging is broken | 3 from v2.6.0 | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_312 | 21 Jiras JWT self service web service authentication Copy group validation error with invalid (dot) character fix Object type UI fix RabbitMQ configuration fix Improved provisioning logging Improved performance of main Grouper Report Provisioning LDAP configuration improvements Zoom user loader for deprovisioning |
| 2021/09/17 | i2incommon/grouper:2.6.0 sha256:c4aa7a88ae9f2da40 3de30bf27b7e218aa64f9207 fb57dbb6e426be0413ac640 | EXPIRED Log4j security problem | Shib: 3.2.3 Apache: 2.4.6 Tomee: 7.0.9 (8.5.57) Openjdk: 1.8.0_302 | 17 Jiras Provisioning framework fixes Chrome 93 header fix Trusted JWT WS authentication OIDC WS authentication Can import config with textarea |
For more information about upcoming plans, see the Grouper Product Roadmap .