search

Roave / SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
MIT License
2.7k stars 105 forks source link

simplesamlphp advisories are out of date #45

Closed forevermatt closed 6 years ago

forevermatt commented 6 years ago

https://github.com/Roave/SecurityAdvisories/blob/0a373baba09d0d125d69f0e7a27a8dae2d068796/composer.json#L78-L79

Just wanted to bring to your attention that the simplesamlphp/simplesamlphp and simplesamlphp/saml2 advisories are behind: https://simplesamlphp.org/security/201803-01

Date

March 2, 2018

Affected versions

simplesamlphp/saml2 < 3.1.4 simplesamlphp/saml2 < 2.3.8 simplesamlphp/saml2 < 1.10.6 SimpleSAMLphp < 1.15.4

Severity

Medium

I'm not sure what the process is by which this repo stays updated, but this seemed worth mentioning. Thanks for the great help this repo is!

forevermatt commented 6 years ago

Well, if I'd read the README file first, I would hopefully have realized this was the wrong place to submit this issue. I'll try to add one on https://github.com/FriendsOfPHP/security-advisories

Thanks again

Ocramius commented 6 years ago

@forevermatt no problem, thanks for noticing! :+1: