Security issue in SimpleSAMLphp
2,301 views
Skip to first unread message
Jaime Pérez Crespo
Nov 4, 2019, 5:35:54 AM11/4/19
to simplesamlp...@googlegroups.com
Hi all,
We have been made aware of a security issue affecting all SimpleSAMLphp instances deployed as a service provider (basically, using SimpleSAMLphp to protect access to your application). This issue has been deemed critical, and will therefore need an urgent update. We will be releasing SimpleSAMLphp 1.17.7 during next Wednesday the 6th of November, at a time yet to be determined. We urge all SimpleSAMLphp users to make sure they are running the current stable version, so that upgrading to the new release doesn’t have any side effects, and to be prepared to upgrade their deployments as soon as the new stable release is published.
The details of the issue are embargoed for the time being, but will be made public after the bugfix release has been published. CVE 2019-3465 has been assigned to this issue.
--
Jaime Pérez
Uninett / Feide
PGP: 9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2
https://keybase.io/jaimeperez
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
We have been made aware of a security issue affecting all SimpleSAMLphp instances deployed as a service provider (basically, using SimpleSAMLphp to protect access to your application). This issue has been deemed critical, and will therefore need an urgent update. We will be releasing SimpleSAMLphp 1.17.7 during next Wednesday the 6th of November, at a time yet to be determined. We urge all SimpleSAMLphp users to make sure they are running the current stable version, so that upgrading to the new release doesn’t have any side effects, and to be prepared to upgrade their deployments as soon as the new stable release is published.
The details of the issue are embargoed for the time being, but will be made public after the bugfix release has been published. CVE 2019-3465 has been assigned to this issue.
--
Jaime Pérez
Uninett / Feide
PGP: 9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2
https://keybase.io/jaimeperez
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost
Reply all
Reply to author
Forward
0 new messages