-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Hi all,
We hereby announce the immediate availability of Ipsilon release 1.0.2 and 1.1.1.
These releases both have a fix for CVE-2015-5301[1]. This security issue made it possible for any authenticated user to remove a Service Provider from Ipsilon, possibly resulting in a denial of service.
If you use the SAML2 identity provider plugin, we would suggest you to update as soon as possible. These updates do not necesitate a database upgrade within the respective release paths.
More information on the releases can be viewed on the release pages for 1.0.2[2] and 1.1.1[3].
To download the newest release, please go to https://fedorahosted.org/ipsilon/wiki/Releases
[1]: https://access.redhat.com/security/cve/CVE-2015-5301 [2]: https://fedorahosted.org/ipsilon/wiki/Releases/v1.0.2 [3]: https://fedorahosted.org/ipsilon/wiki/Releases/v1.1.1
- - - -- With kind regards, Patrick Uiterwijk Fedora Infra