From liam.gretton at leicester.ac.uk Tue Feb 17 15:45:46 2026 From: liam.gretton at leicester.ac.uk (Gretton, Liam) Date: Tue, 17 Feb 2026 15:45:46 +0000 Subject: [ZendTo] SimpleSAML References: Message-ID: We're in the process of MFA-ing our Zend.To installation and we've found that the ZendTo-saml version is extremely old (1.2, some time before 2016) and has a serious vulnerability CVE-2023-28154. Are there any plans to update this, preferably with SimpleSAML 2? Alternatively has anyone had any success just dropping in SimpleSAML2 as a replacement? -------------- next part -------------- An HTML attachment was scrubbed... URL: