OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors
APACHE-2.0 License
Bot releases are visible (Hide)
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.1
Update max length of Kubernetes object to fit Kubernetes policy by @RomanenkoDenys in https://github.com/dexidp/dex/pull/3439 (fix regression for Kubernetes storage)
Do not escape password for LDAP connectors by @nabokihms in https://github.com/dexidp/dex/pull/3470 (changes introduced in v2.39.0 were reverted)
Published by nabokihms 7 months ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.39.0
The validation of username and password in the LDAP connector is much more strict now.
As of today, Dex uses the EscapeFilter
function to check for special characters in credentials and prevent injections by denying such requests.
the special characters in the set
()*\
and those out of the range 0 < c < 0x80, as defined in RFC4515
3bd4475
to 3354c3a
by @dependabot in https://github.com/dexidp/dex/pull/3310
9be3fcc
to a43abc8
by @dependabot in https://github.com/dexidp/dex/pull/3350
a43abc8
to 072d78b
by @dependabot in https://github.com/dexidp/dex/pull/3374
072d78b
to 9235ad9
by @dependabot in https://github.com/dexidp/dex/pull/3381
9235ad9
to 7e5c6a2
by @dependabot in https://github.com/dexidp/dex/pull/3410
010f3b3
to ede158f
by @dependabot in https://github.com/dexidp/dex/pull/3421
Full Changelog: https://github.com/dexidp/dex/compare/v2.38.0...v2.39.0
Published by sagikazarmark 9 months ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.38.0
869193e
to 3bd4475
by @dependabot in https://github.com/dexidp/dex/pull/3301
Full Changelog: https://github.com/dexidp/dex/compare/v2.37.0...v2.38.0
Published by nabokihms over 1 year ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.37.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.36.0...v2.37.0
Published by sagikazarmark over 1 year ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.36.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.3...v2.36.0
Published by sagikazarmark about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.3
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.2...v2.35.3
Published by sagikazarmark about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.2
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.1...v2.35.2
Published by sagikazarmark about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.1
Full Changelog: https://github.com/dexidp/dex/compare/v2.35.0...v2.35.1
Published by sagikazarmark about 2 years ago
⚠️ This release fixes a major vulnerability in Dex. We advise everyone to upgrade as soon as possible! ⚠️
If you use the Google connector, please upgrade to 2.35.1 instead.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.35.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.34.0...v2.35.0
Published by nabokihms about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.34.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.33.0...v2.34.0
Published by sagikazarmark about 2 years ago
Full Changelog: https://github.com/dexidp/dex/compare/v2.33.0...v2.33.1
Published by nabokihms about 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.33.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.32.0...v2.33.0
Published by sagikazarmark over 2 years ago
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.32.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.31.0...v2.32.0
Published by sagikazarmark over 2 years ago
This is a maintenance release upgrading Go to apply some security patches.
The official container image for this release can be pulled from
ghcr.io/dexidp/dex:v2.31.2
Full Changelog: https://github.com/dexidp/dex/compare/v2.31.1...v2.31.2
Published by sagikazarmark over 2 years ago
This is a maintenance release upgrading Go to apply some security patches.
Full Changelog: https://github.com/dexidp/dex/compare/v2.31.0...v2.31.1
Published by sagikazarmark over 2 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.31.0
Full Changelog: https://github.com/dexidp/dex/compare/v2.30.0...v2.31.0
Published by nabokihms over 2 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.3
Bugfixes:
Bitbucket Cloud connector: replace /teams
API w/ /workspaces
(#2390, @rahulchheda)
Note: Deprecated /teams
endpoints were deleted by Atlassian, which broke the Bitbucket Cloud connector. Thus anyone using authentication through Bitbucket Cloud should upgrade Dex to the >= v2.30.3
version.
Published by sagikazarmark almost 3 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.2
This version is identical to v2.30.1.
We had some issues with CI when tagging v2.30.1 and tried tagging one more time. Ultimately, it turned out to be a permission issue. After fixing that both builds completed successfully.
Published by sagikazarmark almost 3 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.1
Security:
Published by nabokihms about 3 years ago
The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.30.0
Features:
apiextensions.k8s.io/v1
(#2025, @nabokihms)Bugfixes:
Minor changes:
htpasswd
for the bCrypt hashing in static passwords (#2218, @jglick)Dependencies:
golang
docker image 1.16.5-alpine3.13 -> 1.16.6-alpine3.13