Mahara

Upgrade SimpleSAMLphp to version 1.19.1

Bug #1926682 reported by Lisa Seeto on 2021-04-30

262

This bug affects 2 people

	Status	Importance	Assigned to	Milestone
Mahara	Fix Released	High	Lisa Seeto	Mahara 21.04.1
20.04	Fix Released	High	Unassigned	Mahara 20.04.4
20.10	Fix Released	High	Unassigned	Mahara 20.10.2
21.04	Fix Released	High	Lisa Seeto	Mahara 21.04.1
21.10	Fix Released	High	Unassigned	Mahara 21.10.0

Bug Description

From the email sent out:

Hi,

we have released version 1.19.1 of SimpleSAMLphp.

The changelog and upgrade notes are available here, respectively:

https://simplesamlphp.org/docs/1.19/simplesamlphp-changelog
https://simplesamlphp.org/docs/1.19/simplesamlphp-upgrade-notes-1.19

The release is available for download here:

https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.19.1/simplesamlphp-1.19.1.tar.gz

You can check the integrity of this file by comparing the SHA256 digest:
19e3860eff63f2367579b9ee5c2b7b609d7d17daacacd3e04823ddf599124747

Best regards,
Olav Morken
Uninett / Feide

The version contains the following security fix:
- Fix a security bug where in rare cases the database user credentials would be printed in exception messages

Lisa Seeto (lisaseeto) on 2021-04-30

Changed in mahara:
status:	New → In Progress

Robert Lyon (robertl-9) on 2021-05-02

no longer affects:

mahara/19.10

Lisa Seeto (lisaseeto) on 2021-05-21

information type:

Private Security → Public Security

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21: A patch has been submitted for review

Patch for "21.04_STABLE" branch: https://reviews.mahara.org/11802

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21:

Patch for "20.10_STABLE" branch: https://reviews.mahara.org/11803

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21: A change has been merged

Reviewed: https://reviews.mahara.org/11739
Committed: https://git.mahara.org/mahara/mahara/commit/226430e9d53ba4ae481c45022a60079cfa4e230c
Submitter: Robert Lyon (<email address hidden>)
Branch: master

commit 226430e9d53ba4ae481c45022a60079cfa4e230c
Author: Lisa Seeto <email address hidden>
Date: Fri Apr 30 15:21:57 2021 +1200

Bug 1926682: Upgrade SimpleSAMLphp to version 1.19.1

- upgrade simpleSAML from version 1.19.0 to 1.19.1

Change-Id: I347d69171bba0d598a9e4b475d95243e2335691b
Signed-off-by: Lisa Seeto <email address hidden>

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21:

Reviewed: https://reviews.mahara.org/11802
Committed: https://git.mahara.org/mahara/mahara/commit/0b6421a1d3e9d3ade89c70d9ec79c23b5b54aeac
Submitter: Robert Lyon (<email address hidden>)
Branch: 21.04_STABLE

commit 0b6421a1d3e9d3ade89c70d9ec79c23b5b54aeac
Author: Lisa Seeto <email address hidden>
Date: Fri Apr 30 15:21:57 2021 +1200

Bug 1926682: Upgrade SimpleSAMLphp to version 1.19.1

- upgrade simpleSAML from version 1.19.0 to 1.19.1

Change-Id: I347d69171bba0d598a9e4b475d95243e2335691b
Signed-off-by: Lisa Seeto <email address hidden>

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21:

Reviewed: https://reviews.mahara.org/11803
Committed: https://git.mahara.org/mahara/mahara/commit/6fc85f79b442de065a66324ecda437d00a7b0f1e
Submitter: Lisa Seeto (<email address hidden>)
Branch: 20.10_STABLE

commit 6fc85f79b442de065a66324ecda437d00a7b0f1e
Author: Lisa Seeto <email address hidden>
Date: Fri Apr 30 15:21:57 2021 +1200

Bug 1926682: Upgrade SimpleSAMLphp to version 1.19.1

- upgrade simpleSAML from version 1.19.0 to 1.19.1

Change-Id: I347d69171bba0d598a9e4b475d95243e2335691b
Signed-off-by: Lisa Seeto <email address hidden>

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21: A patch has been submitted for review

Patch for "20.04_STABLE" branch: https://reviews.mahara.org/11804

Revision history for this message

Mahara Bot (dev-mahara) wrote on 2021-05-21: A change has been merged

Reviewed: https://reviews.mahara.org/11804
Committed: https://git.mahara.org/mahara/mahara/commit/99dd8e7b3de2d74dc85fd098c546057843ceb2de
Submitter: Robert Lyon (<email address hidden>)
Branch: 20.04_STABLE

commit 99dd8e7b3de2d74dc85fd098c546057843ceb2de
Author: Lisa Seeto <email address hidden>
Date: Fri Apr 30 15:21:57 2021 +1200

Bug 1926682: Upgrade SimpleSAMLphp to version 1.19.1

- upgrade simpleSAML from version 1.19.0 to 1.19.1

Change-Id: I347d69171bba0d598a9e4b475d95243e2335691b
Signed-off-by: Lisa Seeto <email address hidden>

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.