You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
We've been made aware of a security issue in one of the dependencies of SimpleSAMLphp,
The developers have evaluated the impact for SimpleSAMLphp, which we found to be high.
If you're using older versions or forks, please make sure you can build and release patched versions quickly.
Timeline will be as follows:
- Patch release on Sunday Dec 1st (as late as possible CET zone).
- New releases for OpenConext and SimpleSAMLphp the next day on Dec 2nd as early as possible.
- Publication of the security advisory with disclosure on the vulnerability on Sunday 8th.
We understand this message will raise questions about the impact and the scope of the vulnerability, but please understand that we cannot answer any questions as long as this vulnerability is under embargo.
