From f79054fe8c5c8491ffb95cf36d4f07fc164df0e7 Mon Sep 17 00:00:00 2001 From: Jens L Date: Mon, 29 Jan 2024 17:50:22 +0100 Subject: [PATCH] website: update release notes (#8348) Signed-off-by: Jens Langhammer --- website/docs/releases/2023/v2023.10.md | 12 ++++++++++++ website/docs/releases/2023/v2023.8.md | 4 ++++ 2 files changed, 16 insertions(+) diff --git a/website/docs/releases/2023/v2023.10.md b/website/docs/releases/2023/v2023.10.md index b5dc6ccb78..04760aa74a 100644 --- a/website/docs/releases/2023/v2023.10.md +++ b/website/docs/releases/2023/v2023.10.md @@ -193,6 +193,18 @@ helm upgrade authentik authentik/authentik -f values.yaml --version ^2023.10 - sources/oauth: fix missing get_user_id for OIDC-like sources (Azure AD) (#7970) - web/flows: fix device picker incorrect foreground color (cherry-pick #8067) (#8069) +## Fixed in 2023.10.7 + +- providers/oauth2: fix fix [CVE-2024-23647](../../security/CVE-2024-23647.md) (cherry-pick #8345) (#8347) +- rbac: fix invitations listing with restricted permissions (cherry-pick #8227) (#8229) +- root: fix listen trusted_proxy_cidrs config loading from environment (#8075) +- root: fix redis config not being updated to match previous change +- sources/oauth: fix azure_ad user_id and add test and fallback (cherry-pick #8146) (#8152) +- sources/oauth: fix URLs being overwritten by OIDC urls (cherry-pick #8147) (#8156) +- sources/oauth: revert azure_ad profile URL change (cherry-pick #8139) (#8141) +- stages/authenticator_validate: use friendly_name for stage selector when enrolling (cherry-pick #8255) (#8256) +- web/flows: fix icon for generic oauth source with dark theme (cherry-pick #8148) (#8151) + ## API Changes #### What's New diff --git a/website/docs/releases/2023/v2023.8.md b/website/docs/releases/2023/v2023.8.md index 4a64d9c483..d41cf2eca6 100644 --- a/website/docs/releases/2023/v2023.8.md +++ b/website/docs/releases/2023/v2023.8.md 
@@ -167,6 +167,10 @@ image: - providers/oauth2: fix [CVE-2024-21637](../../security/CVE-2024-21637.md), Reported by [@lauritzh](https://github.com/lauritzh) (#8104) +## Fixed in 2023.8.7 + +- providers/oauth2: fix fix [CVE-2024-23647](../../security/CVE-2024-23647.md) (cherry-pick #8345) (#8347) + ## API Changes #### What's New
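Review bot: In the v2023.10.md hunk, the first entry under "Fixed in 2023.10.7" has a duplicated word: "providers/oauth2: fix fix [CVE-2024-23647]" should read "providers/oauth2: fix [CVE-2024-23647]". In the same list, "root: fix redis config not being updated to match previous change" is the only entry without a PR reference. Please add the PR number so the change can be traced like the others. This is the security-relevant line of the release, so it is worth getting the wording clean, since operators search the release notes for the CVE id to decide whether to upgrade.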
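Review bot: In the v2023.8.md hunk, the single entry under "Fixed in 2023.8.7" repeats the "fix fix" typo and cites exactly the same references as the 2023.10.7 entry, "(cherry-pick #8345) (#8347)". If the backport to the 2023.8 branch landed through its own PR, cite that number here instead, so the note points at the change that actually shipped in 2023.8.7. The existing CVE-2024-21637 line just above credits its reporter with "Reported by [@lauritzh]". If CVE-2024-23647 had an external reporter, follow the same pattern in both files.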