[GHSA-6929-8p9f-26jx] SimpleSAMLphp HTTP-Artifact TLS validator confusion allows cross-IdP authentication bypass#8519
Conversation
|
Hi there @tvdijen! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository. This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory |
|
I was the community member suggesting this improvement. |
|
Team can you please check and merge this PR ASAP. Our release is blocked due to this security issue. |
It's only blocked by your imagination. I told you ten times already that v4.19.3 has fixes for this CVE. |
Updates
Comments
The patch was backported to fix the upgrade path