release notes for 1.48.2 (#2690)

* draft release notes for 1.48.2 * PR updates * fixed formatting --------- Co-authored-by: Andy Pai <[email protected]>
FusionAuth · Nov 24, 2023 · 5f66e20 · 5f66e20
1 parent a29d990
commit 5f66e20
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/astro/src/content/docs/release-notes/index.mdx b/astro/src/content/docs/release-notes/index.mdx
@@ -16,6 +16,25 @@ import ReleaseNoteHeading from 'src/components/docs/release-notes/ReleaseNoteHea
 
 Looking for release notes older than 1.23.0? Look in the [release notes archive](/docs/release-notes/archive). Looking to be [notified of new releases?](/docs/operate/roadmap/releases#release-notifications)
 
+<ReleaseNoteHeading version="1.48.2" releaseDate="November 21st, 2023" />
+
+### Fixed
+* When paging beyond 10,000 in the FusionAuth admin UI for Users or Entities, the bottom set of pagination controls may not work. If you encounter an error when clicking on the pagination controls, use the top set of controls instead. This bug is specific to the new pagination introduced in version `1.48.0`.
+  * Resolves [GitHub Issue #2544](https://github.com/FusionAuth/fusionauth-issues/issues/2544)
+* In some cases when using with FusionAuth-hosted pages in an non-secure context, such as accessing FusionAuth on `localhost`, the `PublicKeyCredential` JavaScript API will not be available. This may cause an error on your JavaScript console `PublicKeyCredential is not defined`. This error kept the form on the page from correctly submitting.
+  * Resolves [GitHub Issue #2500](https://github.com/FusionAuth/fusionauth-issues/issues/2500)
+* In version `1.48.0` a change was made to reject a link request from an OpenID Connect IdP when the `email_verified` claim is supplied with a value of `false`. An assumption was made that the `email` and `email_verified` claims would both be present in the `Userinfo` response or the `id_token`. Some providers may split these claims, so this assumption has been removed.
+  * Resolves [GitHub Issue #2542](https://github.com/FusionAuth/fusionauth-issues/issues/2542)
+
+### Security
+* Correct the validation of the `post_logout_redirect_uri` parameter on the OAuth2 Logout request for relative URIs intended for use for FusionAuth applications.
+  * Resolves [GitHub Issue #2539](https://github.com/FusionAuth/fusionauth-issues/issues/2539)
+
+### Internal
+* Improve our JWT validation for internal security schemes by failing faster on invalid tokens.
+  * Resolves [GitHub Issue #2555](https://github.com/FusionAuth/fusionauth-issues/issues/2555)
+
+
 <ReleaseNoteHeading version="1.48.1" releaseDate="October 29th, 2023" />
 
 <DatabaseMigrationWarning/>