robrichards / xmlseclibs

A PHP library for XML Security
BSD 3-Clause "New" or "Revised" License

Potential Vulnerability VU#475445? #163

Closed runcoach closed 5 years ago

runcoach commented 6 years ago

I was specifically asked about this vulnerability today. xmlseclibs does not appear on the affected or not affected list. Just putting it on the radar: https://www.kb.cert.org/vuls/id/475445

robrichards commented 6 years ago

@runcoach I don't believe so; otherwise OneLogin's PHP implementation would have been flagged as well, and I haven't heard anything regarding the issue.

robrichards commented 6 years ago

Thanks. Yes, there are a couple more changes that need to go in before I make a release. Will leave this open until then.

robrichards commented 5 years ago

The final changes have been pushed in 3.0.2.