When are you going to release a version that includes Duende version 7.0.6 or higher? #236

gtjsantos · 2024-09-27T08:14:10Z

Duende Software announced in mid-July that they had found a security vulnerability. The full security advisory will be published on July 31st as CVE-2024-39694.

This vulnerability is fixed in the following versions of Duende.IdentityServer:
7.0.6
6.3.10
6.2.5
6.1.8
6.0.5

Our question is when are you going to release a version that includes Duende version 7.0.6 or higher?

skoruba · 2024-09-27T08:31:56Z

I will release soon. thanks! In release 2.4.0.

gtjsantos · 2024-09-27T09:15:52Z

Thanks!

skoruba · 2024-09-29T11:39:11Z

Released in 2.4.0.
Thanks!

gtjsantos added the question Further information is requested label Sep 27, 2024

gtjsantos assigned skoruba Sep 27, 2024

gtjsantos changed the title ~~When you release a new version with Duende Identity Server 7.0.6 os higher?~~ When are you going to release a version that includes Duende version 7.0.6 or higher? Sep 27, 2024

gtjsantos closed this as completed Sep 27, 2024

skoruba mentioned this issue Sep 28, 2024

Release/2.4.0 #237

Merged

6 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

When are you going to release a version that includes Duende version 7.0.6 or higher? #236

When are you going to release a version that includes Duende version 7.0.6 or higher? #236

gtjsantos commented Sep 27, 2024

skoruba commented Sep 27, 2024

gtjsantos commented Sep 27, 2024

skoruba commented Sep 29, 2024

When are you going to release a version that includes Duende version 7.0.6 or higher? #236

When are you going to release a version that includes Duende version 7.0.6 or higher? #236

Comments

gtjsantos commented Sep 27, 2024

skoruba commented Sep 27, 2024

gtjsantos commented Sep 27, 2024

skoruba commented Sep 29, 2024