gabanyga at oit.rutgers.edu
Tue Nov 1 19:05:28 UTC 2022
Thanks. Is the IdP affected by this OpenSSL vulnerability?
-------- Original Message --------
From: Cantor, Scott via users [mailto:users at shibboleth.net]
Sent: Tuesday, November 1, 2022 at 12:05 PM EDT
To: users at shibboleth.net <users at shibboleth.net>
Cc: Cantor, Scott <cantor.2 at osu.edu>
Subject: OpenSSL bug
> OpenSSL's critical advisory just dropped, and as expected I don't think the SP is particularly vulnerable but I was planning to go ahead and release 3.4 anyway out of caution (i.e. I need to update the libs on Windows so that's a good enough reason to go ahead and distribute a few other fixes).
> Don't see a need to rush it but should be out late today or tomorrow.
> -- Scott
> For Consortium Member technical support, see https://nam02.safelinks.protection.outlook.com/?url=https%3A%2F%2Fshibboleth.atlassian.net%2Fwiki%2Fx%2FZYEpPw&data=05%7C01%7Cgabanyga%40oit.rutgers.edu%7C367ccd9e96ef4ad12e2b08dabc2308b9%7Cb92d2b234d35447093ff69aca6632ffe%7C1%7C0%7C638029155901417214%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=aUePdYbkwraKzvr%2Bp7n4cz%2BAT7MpLO4m9qoP9FFMl6Y%3D&reserved=0
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users