PIP 6.0.2 Release Notes

The new release of PhenixID Identity Provisioning (PIP) improves the stability, compatibility and security of your solution, and is recommended for all installations.

Updated features

1. JRE UPDATE

A digital signature bypass vulnerability has been detected in Java. PIP is with this version updated with a JRE version where this issue is corrected.

For more information about the bug, please read:
https://nvd.nist.gov/vuln/detail/CVE-2022-21449

Misc

1. Java

Identity Provisioning is now tested and bundled with Java 17.0.3_7 from Azul.

2. Upgrade verifications

Verify so there are no duplicate jar-files, as this might cause an unexpected behavior.

Compare /lib with /ext. If duplicates exists, make sure to keep the latest version of jar-files.

3. End of Support

Information about the oldest supported version can be found here.