 
												
                	Today PAS 5.1.6 is released, including an important update addressing a critical security vulnerability affecting all versions based on the 5.x branch. We strongly recommend updating immediately to ensure the highest level of protection.
 
												
                	This is a maintenance release that includes a selection of stability improvements and bug fixes, as we continue preparations for our upcoming major version, PAS 6.0, which is just around the corner.
While this release doesn’t introduce any major new features, several enhancements and fixes have been made to ensure a more stable and secure experience:
Improved support for Freja eID: New attributes such as uniquePersonalIdentifier and loaLevel are now supported, offering greater flexibility for organisations using Freja eID for authentication.
Better security insights: The included Software Bill of Materials (SBOM) now lists the Java Runtime Environment, making it easier to track vulnerabilities at a deeper level.
Improved user experience options: A new setting allows administrators to disable automatic sorting of authenticators based on last use, giving more control over the user flow.
This release addresses a number of issues related to performance, error handling, and edge cases in authentication flows. Highlights include:
Fixes for occasional token generation errors in OIDC authentication.
Improvements to large file uploads and stability in PRISM applications under load.
Adjustments to authenticator sequences, including a fix that may impact nested flows. If you are using nested SequenceAuthenticators, we recommend reviewing your configuration after upgrading.
For full details, please refer to the PAS 5.1.7 release notes.
If you have any questions or need support, don’t hesitate to reach out to your PhenixID representative or our support team.