From 3b1034b9a2d9b0771a320c815bc924e5ec10c74c Mon Sep 17 00:00:00 2001 From: "gcp-cherry-pick-bot[bot]" <98988430+gcp-cherry-pick-bot[bot]@users.noreply.github.com> Date: Wed, 26 Jun 2024 10:56:28 +0000 Subject: [PATCH] website/docs: update 2024.6 release notes with latest changes (cherry-pick #10228) (#10243) Co-authored-by: Marc 'risson' Schmitt --- website/docs/releases/2024/v2024.6.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/website/docs/releases/2024/v2024.6.md b/website/docs/releases/2024/v2024.6.md index 391a59a2aef0..c2ee7063bca7 100644 --- a/website/docs/releases/2024/v2024.6.md +++ b/website/docs/releases/2024/v2024.6.md @@ -111,6 +111,7 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.6 - core: groups: optimize recursive children query (#9931) - core: include version in built JS files (cherry-pick #9558) (#10148) - core: only prefetch related objects when required (#9476) +- core: rework base for SkipObject exception to better support control flow exceptions (cherry-pick #10186) (#10187) - crypto: update fingerprint at same time as certificate (#10036) - enterprise/audit: fix audit logging with m2m relations (#9571) - enterprise/providers/google: initial account sync to google workspace (#9384) @@ -152,6 +153,8 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2024.6 - root: handle asgi exception (#10085) - root: include task_id in events and logs (#9749) - root: use custom model serializer that saves m2m without bulk (cherry-pick #10139) (#10151) +- security: fix [CVE-2024-37905](../../security/CVE-2024-37905.md), reported by [@m2a2](https://github.com/m2a2) (cherry-pick #10230) (#10237) +- security: fix [CVE-2024-38371](../../security/CVE-2024-38371.md), reported by Stefan Zwanenburg (cherry-pick #10229) (#10234) - sources/oauth: ensure all UI sources return a valid source (#9401) - sources/oauth: fix OAuth Client sending token request incorrectly (#9474) - sources/oauth: modernizes discord icon (#9817)