Blog

The Shibboleth Project has announced the release of V3.3.0 of the Identity Provider software, a major feature upgrade.

This release is in conjunction with an OpenSAML-J feature release, V3.3.0.

 

A service update to the Windows Service Provider installers is now available to deliver updated versions of OpenSSL and libcurl to address minor security issues in those libraries. Details are in the announcement.

The Shibboleth Project has released a security advisory that involves the LDAPConnector feature in the Identity Provider. The advisory describes a temporary workaround, and a forthcoming IdP release due within the next few weeks will permanently correct the issue.

 The Shibboleth Project has released V2.6.0 of the Service Provider software, the first feature upgrade in several years.

This release includes a permanent fix for the security issue described in the advisory last month, a number of other new features and bug fixes, and (on Windows) includes a new version of the Xerces XML parser that addresses a vulnerability disclosed earlier today.

Release notes for this release and previous versions are here.

The Shibboleth Project has released a security advisory that involves the PathRegex feature in the Service Provider. The advisory describes a temporary workaround, and a forthcoming SP release this summer will provide a permanent solution.

The Shibboleth Project has released V2.5.6 of the Service Provider software, a bug fix release that also addresses a security issue in the Xerces XML parser used by the software.

Recently, a group of physicists at The Laser Interferometer Gravitational Wave Observatory (LIGO) completed work detecting gravitational waves. This confirms a major prediction of Albert Einstein's 1915 general theory of relativity and opens an unprecedented new window into the cosmos.

The Shibboleth Consortium is proud to have LIGO as a member, and to have supported LIGO in these efforts, by delivering technology that provides federated access to scientists involved in this work.

"The Shibboleth project has powered efficient, streamlined, and secure collaboration for LIGO for more than five years. LIGO deploys the Shibboleth IdP for federated SSO to more than 70 Shibboleth SPs managing access to the tools and resources that make LIGO a truly international virtual organization," said Stuart Anderson, Director of Computing for LIGO.

Congratulations to LIGO, MIT and Caltech, and the NSF on this incredible accomplishment!

The Shibboleth Project has announced the release of V2.4.5 of the Identity Provider software, a patch release to address bugs reported since the V2.4.4 release

This release is in conjunction with an OpenSAML-J patch release, V2.6.6

These releases are the last non-security releases for both V2 projects prior to the full End-Of-Life of both projects on July 31, 2016. Full details of the EOL schedule are available in the original announcement.