...
Known Issues
None at this time.
3.4.1 (Unreleased)
Jira Legacy | ||||||||
---|---|---|---|---|---|---|---|---|
|
This is a small patch to address a few bugs, in particular:
Reinforcing the xmltooling library (V3.2.3, included in this Windows release) to block an unnecessary XML Encryption construct, related to the advisory issued for the IdP recently. The SP is not believed to be vulnerable, but this is a defensive measure.
Adjusting the default ACL on Windows when the SP is installed outside of “Program Files” to prevent open write access to the folders. Note that with the huge variety of IIS security configurations, you may need to further adjust ACLs if unexpected user accounts are being used by IIS, so test before use.
3.4.0 (November 3, 2022)
Jira Legacy | ||||||||
---|---|---|---|---|---|---|---|---|
|
...