För kännedom gällande Shibboleth SP. Mer information kommer.
Pål
---------- Forwarded message ---------
Från: Cantor, Scott via announce <announce(a)shibboleth.net>
Date: ons 4 okt. 2023 17:02
Subject: Monitoring upcming curl advisory
To: announce(a)shibboleth.net <announce(a)shibboleth.net>
Cc: Cantor, Scott
This is going to announce because it's public information, and your
security teams probably are already aware, but curl (and libcurl) are
dropping an early update next week to address what the maintainer
characterizes as "the worst curl security flaw in a long time".
The SP right now obviously depends on curl and we package it for older Red
Hat and Windows, so we are monitoring the situation and will respond when
more facts are available.
The SP's usage is somewhat specialized so lots of issues tend to glide by
it, but assuming an update is necessary I'm prepping the files for that to
minimize the time it will take to get an update out.
-- Scott
--
To unsubscribe from this list send an email to
announce-unsubscribe(a)shibboleth.net
Show replies by thread