Versions Compared

Old Version 235

changes.mady.by.user Chris Hyzer (upenn.edu)

Saved on

compared with

New Version 236

changes.mady.by.user Chad Redman (unc.edu)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Date

Container tag (version)

Status

Enhancements and bugs fixed in this version, known issues with this version

Upgrade instructions
and notes

Versions
2022/06/22i2incommon/grouper:2.5.63
sha256:a9b40684e0573731
46a4a44c26f3b685ff768a1
1a2b37838dc9293befc0a53f5		RELEASED

1 Jira
GRP-4117 remove unneeded cross joins from membership queries

NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_332
2022/06/13i2incommon/grouper:2.5.62
sha256:9170a8b65f560d65e
9e1966e4b57088f7be027daf
16e914e0c1b696045637895		LATEST STABLE2 Jiras
PSPNG startup error
WS getMemberships paging error		NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_332
2022/02/16i2incommon/grouper:2.5.60
sha256:793a491d4b5693fc2
2032b8f70fef0e43117787f1
bd8526ea9a671bc56e83e0b		RELEASED2 Jiras
Postgres driver security issue		NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_322
2021/12/20i2incommon/grouper:2.5.59.3
sha256:45d8e8608ec07bbd3a
29137ba8e1758364ef20be810
a7a55d28acb7ed92c3604		STABLE

Log4j security problem fixed (again, again)!
Note: the Grouper java version is 2.5.59, the version reported in the UI is 2.5.59.
To verify you have the right version you can see the env var or log4j libs

Code Block
[root@0c8d8738e95a bin]# echo $GROUPER_CONTAINER_VERSION
2.5.59.3
[root@0c8d8738e95a bin]# ls /opt/tomee/bin/log4j*
/opt/tomee/bin/log4j-api-2.17.0.jar  /opt/tomee/bin/log4j-core-2.17.0.jar  /opt/tomee/bin/log4j-jul-2.17.0.jar


NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_312
2021/12/16i2incommon/grouper:2.5.59.2
sha256:6d9b0685f753041f77
b849f136b598af3d380f1b9a
13073dd1f11c74d3475421		STABLE
Log4j security problem (log4j v2.16.0)

Log4j security problem fixed (again)!
Note: the Grouper java version is 2.5.59, the version reported in the UI is 2.5.59.
To verify you have the right version you can see the env var or log4j libs

Code Block
[root@0c8d8738e95a bin]# echo $GROUPER_CONTAINER_VERSION
2.5.59.2
[root@0c8d8738e95a bin]# ls /opt/tomee/bin/log4j*
/opt/tomee/bin/log4j-api-2.16.0.jar  /opt/tomee/bin/log4j-core-2.16.0.jar  /opt/tomee/bin/log4j-jul-2.16.0.jar


NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_312
2021/12/10i2incommon/grouper:2.5.59.1
sha256:5c258cd3c398a47b1e
7c7cba7edc7f682f3d5aedd38
53aa284dfda9ccae99577		STABLE
Log4j security problem (log4j v2.15.0)

Log4j security problem fixed (NOT)!
Note: the Grouper java version is 2.5.59, the version reported in the UI is 2.5.59.
To verify you have the right version you can see the env var or log4j libs

Code Block
[root@0c8d8738e95a bin]# echo $GROUPER_CONTAINER_VERSION
2.5.59.1
[root@0c8d8738e95a bin]# ls /opt/tomee/bin/log4j*
/opt/tomee/bin/log4j-api-2.15.0.jar  /opt/tomee/bin/log4j-core-2.15.0.jar  /opt/tomee/bin/log4j-jul-2.15.0.jar


NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_312
2021/12/08i2incommon/grouper:2.5.59
sha256:347fb78230de81408
1a4ed19929b8dda70d00779
02283184fcd6aecc608f423f		STABLE
Log4j security problem		NoneNoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_312
2021/10/20i2incommon/grouper:2.5.58
sha256:5b012b02d72238bb
f7c49ee786510539f62d02b1
a84d674bc411f67d1ee17d50		STABLE
Log4j security problem		4 Jiras
Copy group validation error with invalid (dot) character fix
Object type UI fix
RabbitMQ configuration fix		NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_312
2021/09/17i2incommon/grouper:2.5.57
sha256:9fd575e5f2b8feacf1
b86cdd44779f89b23a7b375
da7fdb1c77c50dd105af24b		STABLE
Log4j security problem		5 Jiras
Provisioning framework fixes
Chrome 93 header fix		NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_302
2021/09/06i2incommon/grouper:2.5.56
sha256:13f32e94d90f83dd6
333fee3abad682b6ecb9179
f688fd614f8c23b57ed31680		STABLE
NO ENHANCEMENTS AFTER 2.5.56
Log4j security problem

6 Jiras
Incremental LDAP attribute provisioning improvements
Auto create LDAP provisioning filters

NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_302
2021/09/01i2incommon/grouper:2.5.55
sha256:13124e45f77733887
20ae1190f86a5e47cb5de4b
a75c8f032b16cf92c2cedc35		RELEASED
Log4j security problem

22 Jiras
Visualization for composites is accessible
Remove container taglib startup errors
OpenLDAP empty member attribute support in provisioning framework
Database migration utility fix
LDAP to SQL utility

3 upgrade instructionsShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_302
2021/07/27i2incommon/grouper:2.5.54
sha256:6fda7bfb9c3998cdc
02b00a3bab63abd4cca3671
6fe701b2b9f13fe1d0554320		STABLE
Log4j security problem

9 Jiras
Azure provisioner in new provisioner framework
Loader screen fix
LDAP new provisioner fix
Resolved version conflicts in okio library between Azure and Duo dependencies

NoneShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_302
2021/07/15i2incommon/grouper:2.5.53
sha256:a144bbedc1d484b3e
b968a973bb1073b0340d0c4
323caa08f7aad8e9460a040b

STABLE

Misc loader screen:  GRP-3530
New prov framework ldap issues: 
GRP-3533GRP-3534
Log4j security problem

25 Jiras
SCIM provisioner for AWS
Reports can generated from GSH
Attestation notifications can be sent to a group
Loader can manage group display names
Can delegate loader management		1 upgrade instructionShib: 3.2.3
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_292
2021/05/27i2incommon/grouper:2.5.52
sha256: a8ecd8a4d953321b
37eacdbe50475295e885a83
ef33598cb1de66a4f277ba160		STABLE
Log4j security problem		27 Jiras
Incremental provisioning performance improvements
Custom UI configuration moved from group attributes to UI wizard and config
GSH template improvements		5 upgrade instructionsShib: 3.2.2
Apache: 2.4.6
Tomee: 7.0.9 (8.5.57)
Openjdk: 1.8.0_292
2021/05/01i2incommon/grouper:2.5.50
sha256:f108efdceaaf875b7c
8879a091557c6a64969545e
633e4e6efe5803b5520a057		STABLE
Log4j security problem		6 Jiras
Loader doesn't create ancestor folders
Incremental LDAP doesn't provision recalc memberships		NoneShib: 3.2.2
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_292
2021/04/28i2incommon/grouper:2.5.49
sha256:a1d389eb6735d02d4
2c510805c735c05a5824d656
bb6a49034bb19a4eb4cc8ef

RELEASED

Loader issue: GRP-3444

Provisioning: GRP-3445
Log4j security problem

71 Jiras
GSH template updates / fixes
Incremental provisioning performance improvements
Attribute propagation re-write (e.g. "types" daemon)
New default validation on Grouper object system names (see upgrade instructions)		4 upgrade instructionsShib: 3.2.2
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_292
2021/03/29i2incommon/grouper:2.5.47
sha256:e1523aed42d6af97f
14267fa31ad0ac765c32831
6c9d3d52e1ab9483508c17de

RELEASED

GSH bugs: GRP-3349
GRP-3348GRP-3350

For GSH templates use 2.5.50+
Log4j security problem

46 Jiras
Bushy LDAP provisioning
GSH api additions / improvements
Email enhancements

1 upgrade instructionShib: 3.2.1
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/03/18i2incommon/grouper:2.5.46
sha256:e19f928406355cb54
08ba7f271f6915b3db5ef856
2a25ef15458b94d8dc9469a

RELEASED

For GSH templates use 2.5.50+
Log4j security problem

14 Jiras
Small fix with provisioning and GSH templates

NoneShib: 3.2.1
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/03/17i2incommon/grouper:2.5.45
sha256:f94bfdf83fc5bd55d3
11164dd77dcf36f4efde8629
b85ea264a55c63528328db

RELEASED

For GSH templates use 2.5.50+
Log4j security problem

33 Jiras
GSH templates can be run from UI
Provisionable groups and folders improved
Provisioning diagnostics starting point
Grouper client can be used in multi-app JVM
Upgrade mysql/postgres drivers and improve quartz pooling		2 upgrade instructionsShib: 3.2.1
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/03/03i2incommon/grouper:2.5.44
sha256:1953b5475f237aba6
44a53124643686d407c7f8e5
8ee12ceaec8db9d815435d1		RELEASED
Log4j security problem

29 Jiras
GSH templates and WS enhancements
Sync to Grouper from another Grouper or SQL enhancements
JDBC/Hibernate fetch size bumped up to 1000 (oracle performance improvement)

NoneShib: 3.2.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/02/24i2incommon/grouper:2.5.43
grouper@sha256:20ab5adf6c2
8834c8945cf6df449a67f4df19a
162a9bfccd865918206c34a3b0		STABLE
Log4j security problem		12 Jiras
GSH templates and WS
Sync various objects to Grouper via SQL or another Grouper instance
GSH scripts in daemon can have blocks on multiple lines
Grouper external subject source issue resolved		2 upgrade instructionsShib: 3.2.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/02/12i2incommon/grouper:2.5.42
grouper@sha256:00cd2a6d4ba
c27025f679ebdcf8a8a372403c2
0da6fa3147dcee320018a8cd2d
STABLE

(if you do not use Grouper
external subject source)
Log4j security problem		13 Jiras
Provisioning improvements
LDAP loader improvements
MembershipFinder enhancements		NoneShib: 3.2.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/02/01i2incommon/grouper:2.5.41
sha256:bb21a34ad75a9fa3a7
5596645ffc75c4a53d3c3bbe
5b13de8180ac4311919990
STABLE

(if you do not use Grouper
external subject source)
Log4j security problem

Known issue: GRP-3118 (grouperExternal subject source broken)

14 Jiras
Azure legacy provisioner is tested and works
Fix provisioning membership issues
LDAP provisioning metadata via configuration (and not testing metadata)
Container updates for SSL

1 upgrade instructionShib: 3.2.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2021/01/27i2incommon/grouper:2.5.40
sha256:74f445fb55dea3821
58b79ff88d5d1d27bdbb604
a7fbb4d18bf39402e6c70ce7

STABLE

(Azure CLC provisioning
might not work)
Log4j security problem

33 Jiras
Subject source wizard (experimental)
Openshift support
Email notifications daemon
Add "manual" and "intermediate" group types
SCIM and Azure provisioners (new framework) (experimental)
Provisioner targets in visualization

2 upgrade instructionsShib: 3.2.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_282
2020/12/09i2incommon/grouper:2.5.39
sha256:df647042eb12ff088a
7cfaff186a387286b23ac782
183923c587daa5f24a47ea
STABLE
Log4j security problem		18 Jiras
Grouper provisioning
LDAP/DB pools dynamically adjust without restart on config change
Custom UI updates
Import members audit improvement		1 upgrade instructionShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_275
2020/11/09i2incommon/grouper:2.5.37.1
sha256:b1708b7e022472b2e9
055676aefe50a7dd773b053b
2d817ee96369712b56a04a
STABLE
Log4j security problem		GRP-3015 and os updatesNoneShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.9
Openjdk: 1.8.0_275
2020/10/30i2incommon/grouper:2.5.37
sha256:d384f0c4f67e18be3b
138649050d6d687b16be5a4
76fcc3c65a0280748365a58
SECURITY ISSUE
GRP-3015
Log4j security problem

13 Jiras in total ( -2 bugs, +18 improvements )
Group import screen progress indicator
PSPNG Active Directory large group fix
Security improvement prevents stealing tomee session cookie

NoneShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.8
Openjdk: 1.8.0_272
2020/11/09i2incommon/grouper:2.5.36.1
sha256:9ba5d138515246b64
a711fafe451fb7a1730f9aee1
3a7d2af4e1355defacedd8
STABLE
Log4j security problem

GRP-3015 and os updates

NoneShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.8
Openjdk: 1.8.0_275
2020/10/20i2incommon/grouper:2.5.36
sha256:27f50a205208a48c3e
78ef24b62a6480a7460e4270
31b2c4d71bc34e09000ddc
SECURITY ISSUE
GRP-3015
Log4j security problem		26 Jiras in total ( -8 bugs, +18 improvements)
Lots of PSPNG improvements		3 upgrade instructionsShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.8
Openjdk: 1.8.0_265
2020/09/16

i2incommon/grouper:2.5.35
sha256:158ff566eb4e5b920
8ac881d6dba126e968d34ee
f78192086359cefa8e163e1f

STABLE
Log4j security problem		22 Jiras in total ( -5 bugs+15 Improvements, +2 New Features )2 upgrade instructionsShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.8
Openjdk: 1.8.0_265
2020/07/21

i2incommon/grouper:2.5.33
sha256:d3c880f3ebd670425
7cab4c423897dfb4feb50442
ef5533e9cafb7b0a43ada50

STABLE
Log4j security problem

Tomee security advisory and update to web profile 7.0.8

48 Jiras in total ( 21 bugs25 Improvements, 2 New Features )

Known issue: Container will not stop/start, you need to rm and run it

7 upgrade instructionsShib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.8
Openjdk: 1.8.0_262
2020/05/18

i2incommon/grouper:2.5.29
sha256:6e57a508dfb83c382
9e0be8e278e663ab59ea305
ea67dab4c84215250da4b395

STABLE
Log4j security problem		API fixes: GRP-2806GRP-2805GRP-2804GRP-2797GRP-2795
Container updates: GRP-2708GRP-2800GRP-2802GRP-2803
Google provisioner: GRP-2788GRP-2789
12 Jiras in total		None

Shib: 3.1.0
Apache: 2.4.6
Tomee: 7.0.7
Openjdk: 1.8.0_252

2020/05/13

i2incommon/grouper:2.5.28
sha256:5377471e210206be3
613e11f095da80d702133998
e4c4a54304d552263434ef2

STABLE
Log4j security problem

Various google provisioner fixes: GRP-2787GRP-2786GRP-2785GRP-2784GRP-2783

GRP-2705: configs in UI show unmasked password for properties not in base config
34 Jiras in total

2 upgrade instructions


2020/05/05i2incommon/grouper:2.5.27
sha256:3bad2b55e0e83092
f74de33e2cccc31290802414
4ecd6f515e7ddc5d1bd46b7b

STABLE
Log4j security problem

GRP-2723: Grace periods
GRP-2744: Grouper quickstart
GRP-2709: Database migration utility
GRP-2712: Fix attribute def name editing
GRP-2711: Search with magnifying glass doesn't work
34 Jiras in total

Known issues
 GRP-2757: Mysql unix needs recent memberships loader job tweak
GRP-2762: grouper-ui.properties config editor in UI problem
GRP-2767: env vars in container that end in _FILE need tweak


6 upgrade instructions


2020/05/04i2incommon/grouper:2.5.26
sha256:65c937260c3914bdb
75d277d8aa08257fa7016b9a
5675188bd3362c4079b14c8

NOT STABLE
Log4j security problem


Known issues
 GRP-2748: Multiple contexts causes issues
GRP-2750:the first upgrade to 2.5.26 doesnt exit if running gsh -registry (kicks off daemon)

None


2020/04/21i 2incommon/grouper:2.5.23
sha256:2d5b05d6cbd006e1
5c28f423757122a8837b20c
38044dfcda524f12fae7d95b4

STABLE
Log4j security problem

Various Azure provisioner updates: GRP-2691GRP-2670GRP-2668GRP-2669GRP-2671
GRP-2680: "other job" that can run sql or gsh scripts
GRP-2683: Package base properties into their respective jars
GRP-2685: update gantt chart
31 Jiras in total

Known issues
 GRP-2712: Attribute def name editing is wrong
GRP-2711: Search with magnifying glass doesn't work

5 upgrade instructions


2020/04/08 i2incommon/grouper:2.5.22
sha256:b675bb410bf873483
497b9b231e7a5db208645e5
8a3a42a8048381a33b79fd19

STABLE

2.5 initial release
Log4j security problem

Bugs fixed in this version
 GRP-2657: grouperClient requires commons-lang
GRP-2654: pspng error on wrong slf4j libraries
GRP-2658: take /opt/grouper/conf and /opt/grouper/lib out of installer
GRP-2661: gsh init fails on gsh.sh -registry -check -runscript -noprompt

Enhancements fixed in this version
GRP-2646: make a new gsh entrypoint if not auto upgrading DDL to run install or upgrade

Known issues
 GRP-2712GRP-2711

2.5 DDL changes
2020/04/07i2incommon/grouper:2.5.20
sha256:6b9e4b9272d06bee
aedba25bc4459729c98432e
a5f37b111a57d7fa97c8e78a3
NOT STABLE
Log4j security problem		Bugs fixed in this version: GRP-2648GRP-2642GRP-2651, GRP-2556
Known issues with this version:  GRP-2657, GRP-2654GRP-2658


2020/04/05i2incommon/grouper:2.5.19NOT STABLE
Log4j security problem

Bugs fixed in this version:  GRP-2635, GRP-2636GRP-2638GRP-2637GRP-2641 



2020/04/01i2incommon/grouper:2.5.15NOT STABLE
Log4j security problem

Enhancements:   GRP-2630, GRP-2634 
Bugs fixed in this version:  GRP-2629 
Known issues with this version:  GRP-2635GRP-2636 



2020/03/31i2incommon/grouper:2.5.14NOT STABLE
Log4j security problem		Known issues with this version:  GRP-2629

...