OpenDJ 5.1.1 Released

Download

What’s new

• Addressed critical security vulnerabilities:
  • CVE-2026-46495 - OpenDJ Unauthenticated RCE via Java Deserialization in JMX RMI
  • CVE-2026-42198 - pgjdbc: Unbounded PBKDF2 iterations in SCRAM authentication allows CPU exhaustion DoS
• Fixed slow DN.valueOf / AVA normalization for nested DN-syntax values
• Bumped Bouncy Castle FIPS dependencies to latest 2.1.x patch releases
• Added native access JVM flag for Bouncy Castle FIPS on newer Java releases
• Docker base DN entry creation opt-in and improved bootstrap LDIF loading resilience
• Updated org.openidentityplatform.commons to 3.1.1
• Fixed JMX RMI connector startup failure introduced by CVE-2026-46495 hardening

Full changeset (more details)

Thanks for the contributions

1. Valery Kharseko
2. Maxim Thomas
3. anvo1115
4. wodzen