From 85e9d4e4009b76ed52ff1e8d0134b89d04d7fdb6 Mon Sep 17 00:00:00 2001
From: Maxime Besson <maxime.besson@worteks.com>
Date: Mon, 4 Jan 2021 15:08:29 +0100
Subject: [PATCH] Add upgrade note for #2429

---
 doc/sources/admin/upgrade_2_0_x.rst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/sources/admin/upgrade_2_0_x.rst b/doc/sources/admin/upgrade_2_0_x.rst
index 8d25cfa8a..b62cde1cd 100644
--- a/doc/sources/admin/upgrade_2_0_x.rst
+++ b/doc/sources/admin/upgrade_2_0_x.rst
@@ -27,6 +27,7 @@ backups and a rollback plan ready!
 - If you use :doc:`applications/mattermost` with OpenID Connect, you need to set the ``id`` claim type to *Integer*
 - BruteForceProtection plugin now prevents authentication on backend if an account is locked
 - In the Manager API, postLogoutRedirectUri is now `returned and consumed as an array <https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2347>`__
+- We fixed a bug that caused SAML sessions to be created and never deleted, you should check your session databases for sessions that have ``"_session_kind": "ISAML"`` but no ``_utime``. You can safely delete SAML sessions with no ``_utime`` during the upgrade.
 
 2.0.9
 -----