Page tree
Skip to end of metadata
Go to start of metadata

You can follow this space for news about the project and software releases, though it is strongly advised that you subscribe to the announce mailing list instead. There may be lag in important information appearing here.

The Shibboleth Project has released version 3.4.7 https://shibboleth.net/downloads/identity-provider/latest3/ of the Identity Provider. See the announcement announcement http://shibboleth.net/pipermail/announce/2020-July/000217.html for details.
The Shibboleth Project has released the second beta of version 4.0.1 https://shibboleth.net/downloads/identity-provider/4.0.1/ of the Identity Provider. See the announcement http://shibboleth.net/pipermail/announce/2020-June/000216.html for details.
The Shibboleth Project has released version 4.0.0 https://shibboleth.net/downloads/identity-provider/4.0.0/ of the Identity Provider. See the announcement http://shibboleth.net/pipermail/announce/2020-March/000213.html for details.
The Shibboleth Project has released the second beta of version 4.0.0 https://shibboleth.net/downloads/identity-provider/4.0.0-beta2/ https://shibboleth.net/downloads/identity-provider/4.0.0-beta2/ of the Identity Provider. See the announcement http://shibboleth.net/pipermail/announce/2020-February/000211.html http://shibboleth.net/pipermail/announce/2020-February/000211.html for details.
The Shibboleth Project has released the first beta https://shibboleth.net/downloads/identity-provider/extensions/java-idp-oidc/2.0.0-beta1/ of version 2.0.0 of the OpenID Connect (OIDC) extension for the Identity Provider. See the announcement http://shibboleth.net/pipermail/announce/2020-February/000210.html for details.
The Shibboleth Project has released the first beta https://shibboleth.net/downloads/identity-provider/4.0.0-beta1/ of version 4.0.0 of the Identity Provider. See the announcement http://shibboleth.net/pipermail/announce/2020-February/000209.html for details.
The Shibboleth project has released a security advisory https://shibboleth.net/community/advisories/secadv_20191002.txt regarding denial of service via external authentication flows.
The Shibboleth Project has released version 3.4.6 https://shibboleth.net/downloads/identity-provider/3.4.6/ of the Identity Provider. This is a patch upgrade containing bug fixes. See the announcement https://shibboleth.net/pipermail/announce/2019-October/000205.html for details. This release is in conjunction with a security advisory https://shibboleth.net/community/advisories/secadv_20191002.txt regarding denial of service via external authentication flows.
The Shibboleth Project has released version 3.4.5 https://shibboleth.net/downloads/identity-provider/3.4.5/ https://shibboleth.net/downloads/identity-provider/3.4.5/ of the Identity Provider. This is a patch upgrade containing bug fixes. See the announcement https://shibboleth.net/pipermail/announce/2019-September/000203.html https://shibboleth.net/pipermail/announce/2019-September/000203.html for details.
The Shibboleth Project has released a security advisory https://shibboleth.net/community/advisories/secadv_20190311.txt regarding a denial of service vulnerability. Updated packages are available that correct the issue.
An SP patch release has been made available to address a security issue https://shibboleth.net/community/advisories/secadv_20190311.txt and address a few small bugs.
The Shibboleth Project has released version 3.4.3 https://shibboleth.net/downloads/identity-provider/3.4.3/ of the Identity Provider software. This is a patch upgrade to fix a pair of regressions. See the announcement https://shibboleth.net/pipermail/announce/2019-January/000194.html for further details.
The Shibboleth Project has released a security advisory https://shibboleth.net/community/advisories/secadv_20181219.txt https://shibboleth.net/community/advisories/secadv_20181219.txt that involves a vulnerability to information disclosure via the CAS protocol.
The Shibboleth Project has released version 3. https://shibboleth.net/downloads/identity-provider/3.3.3/4.2 of the Identity Provider software, a patch upgrade. See the announcement https://shibboleth.net/pipermail/announce/2018-December/000190.html for further details. This release is in conjunction with a security advisory https://shibboleth.net/community/advisories/secadv_20181219.txt.
The Shibboleth Project has released a security advisory https://shibboleth.net/community/advisories/secadv_20181219a.txt regarding a denial of service vulnerability. Updated packages are available that correct the issue.
A third SP patch release has been made available to address a security issue https://shibboleth.net/community/advisories/secadv_20181219a.txt and make other library updates available to Windows deployers. Additional patch releases may be warranted as more adoption and testing occurs so please stay tuned to the announce https://shibboleth.net/mailman/listinfo/announce list.
The Shibboleth Project has released a minor feature upgrade, V3.4.0, of its Identity Provider software. See the announcement https://shibboleth.net/pipermail/announce/2018-October/000187.html for further details.
The Shibboleth Project has released a security advisory https://shibboleth.net/community/advisories/secadv_20180803.txt that highlights a bug corrected in a third-party library that addresses a denial of service vulnerability in the SP. Updated packages are available that correct the issue. Note that this is the first issue that impacts SP V2 that cannot efficiently be addressed by the project,…
A second SP patch release has been made available to fix more bugs identified by early adopters and make other library updates available to Windows deployers. Additional patch releases may be warranted as more adoption and testing occurs so please stay tuned to the announce https://shibboleth.net/mailman/listinfo/announce list.
An SP patch release has been quickly made available to fix some major problems identified by early adopters. Additional patch releases may be warranted as more adoption and testing occurs so please stay tuned to the announce https://shibboleth.net/mailman/listinfo/announce list.


  • No labels