- Fixes 500 error when verifying signature of expired tokens through the API
- [Java Only] Updated nimbus-jose-jwt dependency to version 8.22.1 to remove CVE associated with json-smart
- [Java Only] Update commons-io dependency to 31.1.1 to remove flagged CVE-2021-29425 (Medium)
- [Java Only] Update Google guava dependency to 2.11.0 to remove flagged CVE-2020-8908 (Low)
- [.NET Only] Better handling of requests to the LTI 1.1 Basic Outcomes service when Engine is behind a load balancer or reverse proxy
- Added a new setting, OriginTrialTokens, which allows you to configure Chrome Origin Trial tokens that you wish to be included in the player page (as meta tags)
- Fixes issue with LTI 1.3 OIDC auth flow when EnableExternalIdEncryption is set to 'true'
- LTI 1.3 dispatch will now send a label when creating an A&G line item