[ZendTo] SimpleSAML

[Gretton, Liam]

We're in the process of MFA-ing our Zend.To installation and we've found that the ZendTo-saml version is extremely old (1.2, some time before 2016) and has a serious vulnerability CVE-2023-28154.

Are there any plans to update this, preferably with SimpleSAML 2? Alternatively has anyone had any success just dropping in SimpleSAML2 as a replacement?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20260217/1cbd1c1f/attachment-0001.html>