Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Fedora 23: php-simplesamlphp-saml2 Security Update Critical: Signature Fix

fedora
Calendar Grey December 13, 2016
Dist Fedora Esm H88
Important patch released for php-simplesamlphp-saml2 in Fedora 23. Prompt upgrade advised to address signature verification issue.
### v1.10.3 / v2.3.3 - This is a security release fixing an issue with signature validation

Summary

A PHP library for SAML2 related functionality. Extracted from SimpleSAMLphp [1],

used by OpenConext [2]. This library started as a collaboration between

UNINETT [3] and SURFnet [4] but everyone is invited to contribute.

Autoloader: /usr/share/php/SAML2/autoload.php

[1] https://simplesamlphp.org/

[2] https://openconext.org/

[3] https://sikt.no/

[4] https://www.surf.nl

Update Information:

### v1.10.3 / v2.3.3 - This is a security release fixing an issue with signature validation. Please upgrade as soon as possible. - [201612-01](https://simplesamlphp.org/security/201612-01)

Change Log

References


[ 1 ] Bug #1401147 - php-simplesamlphp-saml2-2.3.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1401147 [ 2 ] Bug #1401148 - php-simplesamlphp-saml2_1-1.10.3 is available https://bugzilla.redhat.com/show_bug.cgi?id=1401148

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade php-simplesamlphp-saml2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-simplesamlphp-saml2
Product: Fedora 23
Version: 2.3.3
Release: 1.fc23
Summary: SAML2 PHP library from SimpleSAMLphp

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.