simplesamlphp v1.17.8 reported as insecure
rjgwiz opened this issue · 2 comments
rjgwiz commented
simplesamlphp/simplesamlphp/2019-11-19.yaml appears to report anything less than simplesamlphp/simplesamlphp
1.18.0 as insecure. simplesamlphp/simplesamlphp
v1.17.7 had a security issue which was addressed in https://github.com/simplesamlphp/simplesamlphp/releases/tag/v1.17.8.
Am I missing another security issue with v17.7.x, or should v1.17.8
be acceptable?
stof commented
the upper bound in this advisory seems to be wrong indeed, as the link says that both 1.17.8 and 1.18 contain the fix.