Alert GCSA-23043 - Shibboleth Identity Provider security advisory


******************************************************************

Alert ID: GCSA-23043
data: 31 mar 2023
titolo: Shibboleth Identity Provider security advisory

******************************************************************

:: Descrizione del problema

La Federazione IDEM (https://www.idem.garr.it/) informa che e' stato emesso
un nuovo Security Advisory per Shibboleth Identity Provider, e suggerisce
l'aggiornamento del software.

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Piattaforme e software interessati

Shibboleth Identity Provider versione 4.3.0


:: Impatto

User Data Exposure
User Data Accuracy


:: Soluzioni

Aggiornare alla versione 4.3.1
https://shibboleth.net/downloads/identity-provider/4.3.1/


:: Riferimenti

Shibboleth Identity Provider 4 - Security Advisories
https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631889/SecurityAdvisories
https://shibboleth.net/community/advisories/secadv_20230330.txt

Shibboleth Identity Provider 4 - Release Notes
https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631499/ReleaseNotes#4.3.1-(March-30,-2023)


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZCaidw0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCSF4AoNVWObVRao+LdI9kyCEKPsdLtHz8AJ0ZeD7eKTdm
8qjbd2QtKoDJ0G+zcA==
=BI2l
-----END PGP SIGNATURE-----