Releases: Governikus/eidas-middleware
Release 3.4.0
This is the 3.4.0 Release of the eIDAS Middleware
Upgrade notes
This release does not require any upgrade procedures when updating from version 3.3.0. If you are however upgrading from an earlier release than 3.3.0, you must execute the upgrade procedure for version 3.3.0. The steps are described in https://github.com/Governikus/eidas-middleware/releases/tag/3.3.0.
Changelog
- eIDAS Middleware: Add support for TLS 1.3
- eIDAS Middleware: Change minimal key length for TLS EC certificates to 250.
Also add a check for recommended named curves. - eIDAS Middleware: Change minimal key length for TLS DHE certificates to 3072.
- eIDAS Middleware: Change SAML method for key transport to RSA-OAEP.
- eIDAS Middleware: Remove SHA-1 cipher suites.
- eIDAS Middleware: Add warning and log if an RSA certificate with less than 3000 bits is used for TLS.
- eIDAS Middleware: CSR renewal will not use the current keypair.
Also use RSA 4096 instead of ECC. - eIDAS Middleware: Support only ‘unspecified’ as NameIdentifier.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://upload.governikus.de/eidas-middleware/eidas-middleware-3.4.0.ova
The SHA-256 hash of the file is bfca009bc68420b9f9b92e6aced33a9bf9fb1ccbd83839a4b339f18110a85a95.
Release 3.2.1
This is the 3.2.1 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, please follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0.
Changelog
- eIDAS Middleware: Fix to support new generation of eID cards
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://upload.governikus.de/eidas-middleware/eidas-middleware-3.2.1.ova
The SHA-256 hash of the file is d6962634f40542cac699fff4bd040c24d1d9051eb8eb9460dd15eec0beec8510.
Release 3.3.0
This is the 3.3.0 Release of the eIDAS Middleware
Upgrade notes
This version of the eIDAS Middleware uses the HSQLDB instead of the H2 database. To migrate your previous Middlewares to this version, use the database migration tool. The tool and the documentation is attached to this release.
In case you are upgrading from a 2.x release, please follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0. The upgrade to to 3.3.0 is supported from the versions 3.0.2, 3.1.3 and 3.2.0.
Changelog
- eIDAS Middleware: Database change from H2 to HSQL - breaking change
- Database Migration Tool: Tool for migration between H2 and HSQL
- eIDAS Middleware: Add functionality of TR-03129-1.40 - breaking change
- eIDAS Middleware: Store Block Lists in file system instead of database, use copy in memory for fast access.
- eIDAS Middleware: Add automatic entanglement of the TLS server certificate with the CVC
- eIDAS Middleware: Add automatic renewal of Request Signer Certificate
- eIDAS Middleware: Add automatic renewal of the TLS client certificate (at the time of publication only available in the test environment)
- eIDAS Middleware: Remove dashboard page and set status page as landing page
- eIDAS Middleware: Add timer history
- eIDAS Middleware: Improved logging
- eIDAS Middleware: Updated VM image to Debian 12 and Java 17.0.10
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://upload.governikus.de/eidas-middleware/eidas-middleware-3.3.0.ova
The SHA-256 hash of the file is 0bf6697490b4742c869ca17ccf44d51fd6be3b38f10b15484f275d600f66710b.
Release 3.2.0
This is the 3.2.0 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, please follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0.
Changelog
- All components: Update to Java 17.
- All components: Update to Spring Boot 3.1.
- eIDAS Middleware: Fix use of P12 keystores for TLS keys.
- eIDAS Middleware: Fix display of CVC availability on the status page.
- eIDAS Middleware: Remove deprecated configuration parts in the documentation.
- eIDAS Middleware: Only accept specified cryptographic algorithms and elliptic curve parameters.
- eIDAS Middleware: Fix generation of sequence number after an initial CVC request.
- eIDAS Middleware: Improve form validation for initial CVC request.
- eIDAS Middleware & Demo: Update new references to the German eID client.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/P6d3Z3L8xtGgQGX
Release 3.1.3
This is the 3.1.3 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, please follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0.
Changelog
- eIDAS Middleware: Fix CVEs by updating affected libraries, most notably Tomcat.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/Po6G9zQ8Ht5RSZM
Release 3.1.2
This is the 3.1.2 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, please follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0.
Changelog
- eIDAS Middleware: Fix CVEs by updating affected libraries, most notably xmlsec.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/H9RJH36L6fjddqT
Release 3.0.2
This is the 3.0.2 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, please follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0.
Changelog
- eIDAS Middleware: Fix CVEs by updating affected libraries, most notably xmlsec.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/3QFBRnAsyB7A4dq
Release 2.2.9
This is the 2.2.9 Release of the eIDAS Middleware
Changelog
- eIDAS Middleware: Fix CVEs by updating affected libraries, most notably xmlsec.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/j27W2gbRJGpCbqP
Release 3.1.1
This is the 3.1.1 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0. Perform the upgrade with the configuration-migration.jar from this release.
Changelog
- eIDAS Middleware: Update identglue and fix behaviour for mobile use.
- eIDAS Middleware: Add the shibboleth repository to pom.xml
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/jqTL8BiJ65bDsnc
Release 3.1.0
This is the 3.1.0 Release of the eIDAS Middleware
Upgrade notes
In case you are upgrading from a 2.x release, follow the instructions from https://github.com/Governikus/eidas-middleware/releases/tag/3.0.0. Perform the upgrade with the configuration-migration.jar from this release.
Changelog
- All components: Code cleanups.
- eIDAS Middleware: Using identglue to check the availability of the AusweisApp2.
- eIDAS Middleware: Added a timer to renew an expired CVC with a Request Signer Certificate when the current CVC is expired less than two days.
- Added a notification in the Admin-UI to indicate that the renewal will be tried.
- eIDAS Middleware: Fix unsuccessful indication of a public service provider on certain conditions.
- eIDAS Middleware: Obsolete decryption key pair for SAML has been removed in the Admin-UI.
- eIDAS Middleware: The used holder reference will be logged if an CVC request is unsuccessful.
- eIDAS Middleware: A sequence number is never reused for CVC requests of a service provider.
- eIDAS Demo: Improved design and added decrypted assertion on result page.
- eIDAS Middleware: Added support for Brainpool elliptic curves on TLS connections.
- eIDAS Middleware: Static resources have been moved from the base path to module specific paths.
- eIDAS Middleware: SAML redirect binding has been added.
- eIDAS Middleware: Added support for the natural person attribute 'Nationality'.
OVA File
Because of file size restrictions, the OVA file cannot be added directly to this release. You can download the file here:
https://cloud.governikus.de/index.php/s/gLjRz4PkHZxawWJ