Rod Widdowson of Steading System Software LLP discovered a coding error in the Dynamic metadata plugin of the Shibboleth Service Provider, causing the plugin to fail configuring itself with the filters provided and omitting whatever checks they are intended to perform. See https://shibboleth.net/community/advisories/secadv_20171115.txt for details. For the oldstable distribution (jessie), this problem has been fixed in version 2.5.3+dfsg-2+deb8u1. For the stable distribution (stretch), this problem has been fixed in version 2.6.0+dfsg1-4+deb9u1. We recommend that you upgrade your shibboleth-sp2 packages.
Rod Widdowson of Steading System Software LLP discovered a coding error
in the Dynamic
metadata plugin of the Shibboleth Service Provider,
causing the plugin to fail configuring itself with the filters provided
and omitting whatever checks they are intended to perform.
See https://shibboleth.net/community/advisories/secadv_20171115.txt for details.
For the oldstable distribution (jessie), this problem has been fixed in version 2.5.3+dfsg-2+deb8u1.
For the stable distribution (stretch), this problem has been fixed in version 2.6.0+dfsg1-4+deb9u1.
We recommend that you upgrade your shibboleth-sp2 packages.