Shibboleth Identity Provider 2.4.3 Released

Athanasios Douitsis aduitsis at
Tue Nov 4 10:24:09 EST 2014

Hello Scott,

I noticed you removed the endorsed/ directory instructions recently. Should
we remove those libs from the tomcat endorsed directory as well or we can
just leave them there?

Kind regards,

On Tue, Nov 4, 2014 at 4:02 PM, Cantor, Scott <cantor.2 at> wrote:

> The Shibboleth Project has released a patch update, V2.4.3, of the
> Identity Provider software, along with an update of the OpenSAML library,
> 2.6.4.
> This release primarily addresses the security advisory just announced
> addressing a denial of service vulnerability in the Xerces XML parser, and
> fixes a bug in the code around scripted attributes when Java 8 is used.
> You can download the new release from the usual location [1] and we are in
> the process of updating documentation now.
> -- Scott
> [1]
> --
> To unsubscribe from this list send an email to
> announce-unsubscribe at

Athanasios Douitsis
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list