View Source

See below on this page for v5 release notes (v4 build info). Grouper v5 is the current enhancement version of Grouper where ABAC will be built.

v5 builds

These will be marked as stable once they are out for a while without issue and/or as people start using these in production. This is a judgment call by the Grouper team. If you are using a new release please inform us so we can provide better advice.

Date	Container tag (version)	Status	Upgrade instructions and notes	Versions	Enhancements and bugs fixed in this version, known issues with this version
2024/03/19	i2incommon/grouper:5.9.0 sha256:3b58de6e37117cd3 6c3feac3f8b2b4457ffb0480 28a0f7c3df66cae74331a078	LATEST STABLE	1 from v5.8.5	Tomcat: 8.5.99 Java Corretto: 17.0.10.8.1 Grouper API: 5.9.0	10 Jiras Tomcat security advisory CVE-2024-23672 Grouper session gets lost if not assigned to a variable Add option in container to GROUPER_LOG_TO_STDERR and all logs to go stderr (running tomcat single process) Fix daemon jobs ui last run status for CHANGE_LOG_changeLogTempToChangeLog and CHANGE_LOG_consumer_compositeMemberships Default self signed tomcat cert in v5 should be /opt/container_files/certs/client/localhost.pem
2024/03/10	i2incommon/grouper:5.8.5 sha256:38fa9ded3eddabc75 8d05b0ecbc4f677980f0766 d5f1da90e8dd2c1ff6b87763	STABLE Tomcat security advisory	2 from v5.8.2	Tomcat: 8.5.90 Java Corretto: 17.0.10.8.1 Grouper API: 5.8.5	11 Jiras Memberships created in target without Grouper will not get deleted No open grouper session right after creating one GrouperLoader.runOnceByJobName should run long running jobs once only if running without daemon Warning message for disabled dates too soon to work ABAC fixes
2024/03/02	i2incommon/grouper:5.8.2 sha256:49c47ef7ef7698b24 ef6eec5dbbcfda7e91ea2d35 d8a94e5a927e944c992bb65	STABLE GRP-5350 GRP-5347 Tomcat security advisory	3 from v5.8.1	Tomcat: 8.5.90 Java Corretto: 17.0.10.8.1 Grouper API: 5.8.2	8 Jiras Clean logs on 4.11.0 is not working Cannot delete groups (or maybe other things) as a wheel group member Creating log pipes twice can fail Validate rules periodically manually Stop chmoding cacerts when not able to (openshift) Daemon logs show sub jobs by default for some jobs Add stop daemon calls to composite memberships change log consumer
2024/02/28	i2incommon/grouper:5.8.1 sha256:2e2e02abea72177ff0 95af0c061b3c6a36ac35c47 d8a9ae4b8814a9ad4a4cc46	UNSTABLE GRP-5337 GRP-5335 Tomcat security advisory	3 from v5.7.1	Tomcat: 8.5.90 Java Corretto: 17.0.10.8.1 Grouper API: 5.8.1	30 Jiras Stopping daemon jobs Fix memory issue with provisioner Composite changes - move membership inserts and deletes to daemon SCIM fixes (can manage "active" status instead of delete, adjust scim emails, allow group updates) Can provision group roles and user roles in real time and incremental
2024/01/09	i2incommon/grouper:5.7.1 sha256:314a6bcdf0dc66048 3b016db285b1fb5e00875a97 564b947c00e9d76a90d1956	STABLE Tomcat security advisory	None from 5.7.0	Tomcat: 8.5.90 Java Corretto: 17.0.9.8.1 Grouper API: 5.7.1	21 Jiras TeamDynamix provisioner fixes GSH template dynamic forms enhancements Add progress bar on visualization (with no timeouts) Json recursion error on memory bean Subjob error in scheduler check daemon cant find log map
2024/01/01	i2incommon/grouper:5.7.0 sha256:396eb7b3c5f463dc a437329c07c1317adf6ecffdc 2dc51cedce3b0583bbc0184	RELEASED GRP-5249 GRP-5240 Tomcat security advisory	3 from v5.6.0	Tomcat: 8.5.90 Java Corretto: 17.0.9.8.1 Grouper API: 5.7.0	53 Jiras Data field dictionary Add rewrite valve for tomcat so / redirects to /grouper (or whatever the UI context is) Add tomcat remote IP valve env vars for running v5 behind a load balancer Add https ssl tls for tomcat when running without apache Daemon jobs will log ad error out if JVM dies (and other daemon enhancements) Fixed JSON marshaling issues GSH template dynamic inputs GSH template WS enhancements GSH templates report error line number Daemon status threshold automatically adjusts based on schedule Duo throttling logic should always throttle if http response code is 429... Http client network keep alive connection cleanup Box provisioner enhancements
2023/11/26	i2incommon/grouper:5.6.0 sha256:a3fdda2be8325b80a 508a7c2f4997221e89b7723 a66ff774d7d52ef04410394f	EXPIRED Tomcat security advisory	7 from v5.4.0	Tomcat: 8.5.90 Java Corretto: 17.0.9.8.1 Grouper API: 5.6.0	35 Jiras Update ldaptive to version 2 Add trust anchors to java cacerts Add option to run tomcat as another user Add basic auth to scim provisioning framework Add active flag as attribute for scim users Attributes in group view/edit only handles all value types Group updaters should be able to only attest/clear attestation on groups UI: webpage titles for back button and browser tab Ldap loader LDAP_GROUPS_FROM_ATTRIBUTES should allow specifying parent stem Upgrade various libraries for security and performance
2023/11/04	i2incommon/grouper:5.5.0 sha256:f91ab1c84544184e6 236412d2a565f24db66995a 9d392e54db53b4cfb58f87ca	EXPIRED Tomcat security advisory	1 from v5.4.0	Tomcat: 8.5.90 Java Corretto: 17.0.9.8.1 Grouper API: 5.5.0	27 Jiras Authentication bypass security issue Provisioner External entity attributes not working for incrementals Instrumentation cleanup SFTP improvements Provisioning improvements Simplified UI for GSH templates Default run group or folder does not show for gsh templates Sql/ldap syncs to mysql do not work Exceptions in provisioning should replace null characters before storing to the database In provisioning, if changing entities, if a group is deleted (or recalc'ed), entities could be deprovisioned during incremental In provisioning, if not retrieving all groups at once in full sync, group attribute updates not happening (e.g. description)
2023/10/05	i2incommon/grouper:5.4.0 sha256:b1ca8f3a1d4265a30 59e7ee2323667af93c5f6f55 90578a6a510753c2a45846e	EXPIRED	1 from v5.3.4 Also these	Tomcat: 8.5.90 Java Corretto: 17.0.8.8.1 Grouper API: 5.4.0	81 Jiras Note: only sysadmins can edit jexl scripts on ABAC groups
2023/08/28	i2incommon/grouper:5.3.4 sha256:	EXPIRED	None from 5.3.3	Tomcat: 8.5.90 Java Corretto: 17.0.8.8.1 Grouper API: 5.3.3	20 Jiras
2023/08/21	i2incommon/grouper:5.3.3 sha256:d4d5e1d952e37ebc0 89b2dd5017ea8bb682ef7996 8413b49cfbc0f1c856800d3	EXPIRED	None from 5.2.0	Tomcat: 8.5.90 Java Corretto: 17.0.8.7.1 Grouper API: 5.3.3
2023/06/21	i2incommon/grouper:5.2.0 sha256:6c6ea5d0e51bff31f8 a9882b5edebc7fd2186ea64e e5f4362f5c7262ccd20546	EXPIRED	2 from v5.1.0	Tomcat: 8.5.90 Java Corretto: 17.0.7 Grouper API: 5.2.0	20 Jiras All fixes in 4.4.0 Add internal id to pit tables - groups/members/fields Dont validate abac scripts to UI works, will add back later Fix breadcrumbs for entity data fields Fix issue with abac queries where the dictionary internal ids are not right
2023/06/21	i2incommon/grouper:5.1.0 sha256:2e429e4b8f57fab63b 38905d87aaddf7c717f6beb71 8d57dbb6c4110a0c54e06	EXPIRED	1 from v5.0.3	Tomcat: 8.5.87 Java Corretto: 17.0.7	SQL cache for groups and memberships ABAC attribute queries ABAC group and attribute queries translate securely into SQL
2023/03/28	i2incommon/grouper:5.0.3 sha256: 68b751e3a24394324 3c010c43944b433e9eafe133 ca54cdcaef0d7df205ed5ad	EXPIRED	5 from v4.1.1	Tomcat: 8.5.87 Java Corretto: 17.0.6	Remove Apache Remove Shib SP Remove SOAP WS Remove supervisor Remove log pipes ABAC POC

For more information about upcoming plans, see the Grouper Product Roadmap .

v5 builds

See Also