Tip |
---|
This page provides easier access to the complete history of Security Advisories released for the Shibboleth V2 software products and an "at a glance" table showing you which releases are vulnerable to what kinds of issues. If you're running a particular version, you can use this table to identify the issues that could affect your system and determine how urgent an upgrade is. In addition to the announce mailing list, you can "watch" this page for changes to keep abreast. Pages exist describing briefly how to check the IdP or SP version you have.
...
If you would like to report an issue you believe is security related, you can do any of the following:
...
.
...
As always, sites are advised to use the latest stable release of any Shibboleth product. Refer to the ProductVersioning page for information about our support and versioning policies. The Home page identifies the specific versions recommended at a given point in time
...
Version | EOL | User Data Exposure | Resource Exposure | Session Hijacking | Denial of Service | Remote Exploit | Advisories |
---|---|---|---|---|---|---|---|
All | X | X | X | 2018-02-27, 2018-01-23, 2018-01-12, 2016-06-29, 2016-05-04, 2014-06-08, 2014-04-09, 2013-12-02, 2011-10-24 | |||
2.6.1 | X | X | X | ||||
2.6.0 | Nov 2017 | X | X | X | 2017-11-15 | ||
2.5.6 | Jun 2016 | X | X | X | |||
2.5.5 | Feb 2016 | X | X | X | |||
2.5.4 | Jul 2015 | X | X | X | X | 2015-07-21 | |
2.5.3 | Mar 2015 | X | X | X | X | 2015-03-19 | |
2.5.2 | Dec 2013 | X | X | X | X | ||
2.5.0 - 2.5.1 | June 2013 | X | X | X | 2013-06-18, 2013-01-10 | ||
2.4.3 | Nov 2012 | X | X | X | X | 2012-04-19 | |
2.4.0 - 2.4.2 | Jul 2011 | X | X | X | X | 2011-07-25, 2011-07-06 | |
2.3.0 - 2.3.1 | Dec 2010 | X | X | X | X | ||
2.2.1 | Nov 2009 | X | X | X | X | X | 2009-11-04, 2009-08-26 |
2.2.0 | Aug 2009 | X | X | X | X | X | 2009-08-17 |
2.0.0 - 2.1.0 | Jun 2009 | X | X | X | X | X | 2009-06-15 |
...