Login
Newsletter
Werbung

Sicherheit: Mangelnde Prüfung von Signaturen in php-simplesamlphp-saml2_1
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Signaturen in php-simplesamlphp-saml2_1
ID: FEDORA-2016-b000091725
Distribution: Fedora
Plattformen: Fedora 24
Datum: Di, 13. Dezember 2016, 09:10
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1401148
https://bugzilla.redhat.com/show_bug.cgi?id=1401147
Applikationen: php-simplesamlphp-saml2_1

Originalnachricht

Name        : php-simplesamlphp-saml2_1
Product : Fedora 24
Version : 1.10.3
Release : 1.fc24
URL : https://github.com/simplesamlphp/saml2
Summary : SAML2 PHP library from SimpleSAMLphp (version 1)
Description :
A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp
[1],
used by OpenConext [2]. This library started as a collaboration between
UNINETT [3] and SURFnet [4] but everyone is invited to contribute.

Autoloader: /usr/share/php/SAML2_1/autoload.php

[1] https://www.simplesamlphp.org/
[2] https://www.openconext.org/
[3] https://www.uninett.no/
[4] https://www.surfnet.nl/

-------------------------------------------------------------------------------
-
Update Information:

### v1.10.3 / v2.3.3 - This is a security release fixing an issue with
signature validation. Please upgrade as soon as possible. -
[201612-01](https://simplesamlphp.org/security/201612-01)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1401147 - php-simplesamlphp-saml2-2.3.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401147
[ 2 ] Bug #1401148 - php-simplesamlphp-saml2_1-1.10.3 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1401148
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php-simplesamlphp-saml2_1' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung