Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Upcoming security release
1,642 views
Skip to first unread message
Tim van Dijen
Nov 25, 2024, 2:44:10 PM11/25/24
to SimpleSAMLphp Announce
Hi!
We've been made aware of a security issue in one of the dependencies of SimpleSAMLphp,
The developers have evaluated the impact for SimpleSAMLphp, which we found to be high.
If you're using older versions or forks, please make sure you can build and release patched versions quickly.
I understand this message will raise questions about the impact and the scope of the vulnerability, but please understand that we cannot answer any questions as long as this vulnerability is under embargo.
Kind regards,
Tim van Dijen
We've been made aware of a security issue in one of the dependencies of SimpleSAMLphp,
The developers have evaluated the impact for SimpleSAMLphp, which we found to be high.
If you're using older versions or forks, please make sure you can build and release patched versions quickly.
Timeline will be as follows:
- Patch release on Sunday Dec 1st (as late as possible CET zone).
- New releases for OpenConext and SimpleSAMLphp the next day on Dec 2nd as early as possible.
- Publication of the security advisory with disclosure on the vulnerability on Sunday 8th.
I understand this message will raise questions about the impact and the scope of the vulnerability, but please understand that we cannot answer any questions as long as this vulnerability is under embargo.
Kind regards,
Tim van Dijen
Reply all
Reply to author
Forward
0 new messages