website: update release notes for 2024.8.3 and 2024.6.5 (#11541)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
goauthentik · Sep 27, 2024 · 384ca87 · 384ca87
1 parent 5ce8d65
commit 384ca87
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 1 deletion.
diff --git a/website/docs/releases/2024/v2024.6.md b/website/docs/releases/2024/v2024.6.md
@@ -235,6 +235,11 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.6
 
 -   security: fix [CVE-2024-42490](../../security/CVE-2024-42490.md), reported by [@m2a2](https://github.com/m2a2) (cherry-pick #11022) #11025
 
+## Fixed in 2024.6.5
+
+-   security: fix [CVE-2024-47070](../../security/CVE-2024-47070.md), reported by [@efpi-bot](https://github.com/efpi-bot) from [LogicalTrust](https://logicaltrust.net/en/) (cherry-pick #11536) (#11540)
+-   security: fix [CVE-2024-47077](../../security/CVE-2024-47077.md), reported by [@quentinmit](https://github.com/quentinmit) (cherry-pick #11535) (#11538)
+
 ## API Changes
 
 #### What's New

diff --git a/website/docs/releases/2024/v2024.8.md b/website/docs/releases/2024/v2024.8.md
@@ -261,7 +261,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.8
 -   web/admin: improve error handling (cherry-pick #11212) (#11219)
 -   web/users: show - if device was registered before we started saving the time (cherry-pick #11256) (#11257)
 
-## Fixed on 2024.8.2
+## Fixed in 2024.8.2
 
 -   core: ensure all providers have correct priority (cherry-pick #11280) (#11281)
 -   core: ensure proxy provider is correctly looked up (cherry-pick #11267) (#11269)
@@ -275,6 +275,17 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.8
 -   web: revert lockfile lint, re-add integrity (#11380)
 -   web/admin: fix notification property mapping forms (cherry-pick #11298) (#11300)
 
+## Fixed in 2024.8.3
+
+-   events: always use expiry from current tenant for events, not only when creating from HTTP request (cherry-pick #11415) (#11416)
+-   providers/proxy: fix traefik label generation (cherry-pick #11460) (#11480)
+-   security: [CVE-2024-47070](../../security/CVE-2024-47070.md), reported by [@efpi-bot](https://github.com/efpi-bot) from [LogicalTrust](https://logicaltrust.net/en/) (cherry-pick #11536) (#11539)
+-   security: [CVE-2024-47077](../../security/CVE-2024-47077.md), reported by [@quentinmit](https://github.com/quentinmit) (cherry-pick #11535) (#11537)
+-   sources/ldap: fix mapping check, fix debug endpoint (cherry-pick #11442) (#11498)
+-   sources/ldap: fix ms_ad userAccountControl not checking for lockout (cherry-pick #11532) (#11534)
+-   web: Fix missing integrity fields in package-lock.json (#11509)
+-   web/admin: fix Authentication flow being required (cherry-pick #11496) (#11497)
+
 ## API Changes
 
 #### What's New