deploy: 9d4b8bc

Author: tvdijen

2024/11/25/upcoming-security-release.html

@@ -0,0 +1,19 @@
+<p>Hi!</p>
+
+<p>We’ve been made aware of a security issue in one of the dependencies of SimpleSAMLphp,
+The developers have evaluated the impact for SimpleSAMLphp, which we found to be high.
+If you’re using older versions or forks, please make sure you can build and release patched versions quickly.</p>
+
+<p>Timeline will be as follows:</p>
+
+<ul>
+  <li>Patch release on Sunday Dec 1st (as late as possible CET zone).</li>
+  <li>New releases for OpenConext and SimpleSAMLphp the next day on Dec 2nd as early as possible.</li>
+  <li>Publication of the security advisory with disclosure on the vulnerability on Sunday 8th.</li>
+</ul>
+
+<p>We understand this message will raise questions about the impact and the scope of the vulnerability, but please understand that we cannot answer any questions as long as this vulnerability is under embargo.</p>
+
+<p>Kind regards,</p>
+
+<p>The developer-team</p>

feed.xml

@@ -5,10 +5,39 @@
     <description>SimpleSAMLphp** is an award-winning application written in native PHP that deals with authentication. It implements support for multiple protocols, most notably SAML, OpenID or OAuth.</description>
     <link>https://simplesamlphp.org/</link>
     <atom:link href="https://simplesamlphp.org/feed.xml" rel="self" type="application/rss+xml"/>
-    <pubDate>Tue, 19 Nov 2024 18:18:02 +0000</pubDate>
-    <lastBuildDate>Tue, 19 Nov 2024 18:18:02 +0000</lastBuildDate>
+    <pubDate>Mon, 25 Nov 2024 19:50:28 +0000</pubDate>
+    <lastBuildDate>Mon, 25 Nov 2024 19:50:28 +0000</lastBuildDate>
     <generator>Jekyll v4.2.1</generator>
 
+      <item>
+        <title>Upcoming Security Release</title>
+        <description>&lt;p&gt;Hi!&lt;/p&gt;
+
+&lt;p&gt;We’ve been made aware of a security issue in one of the dependencies of SimpleSAMLphp,
+The developers have evaluated the impact for SimpleSAMLphp, which we found to be high.
+If you’re using older versions or forks, please make sure you can build and release patched versions quickly.&lt;/p&gt;
+
+&lt;p&gt;Timeline will be as follows:&lt;/p&gt;
+
+&lt;ul&gt;
+  &lt;li&gt;Patch release on Sunday Dec 1st (as late as possible CET zone).&lt;/li&gt;
+  &lt;li&gt;New releases for OpenConext and SimpleSAMLphp the next day on Dec 2nd as early as possible.&lt;/li&gt;
+  &lt;li&gt;Publication of the security advisory with disclosure on the vulnerability on Sunday 8th.&lt;/li&gt;
+&lt;/ul&gt;
+
+&lt;p&gt;We understand this message will raise questions about the impact and the scope of the vulnerability, but please understand that we cannot answer any questions as long as this vulnerability is under embargo.&lt;/p&gt;
+
+&lt;p&gt;Kind regards,&lt;/p&gt;
+
+&lt;p&gt;The developer-team&lt;/p&gt;
+</description>
+        <pubDate>Mon, 25 Nov 2024 00:00:00 +0000</pubDate>
+        <link>https://simplesamlphp.org/2024/11/25/upcoming-security-release.html</link>
+        <guid isPermaLink="true">https://simplesamlphp.org/2024/11/25/upcoming-security-release.html</guid>
+        
+        
+      </item>
+    
       <item>
         <title>Sspboard Strategy And Funding</title>
         <description>&lt;p&gt;&lt;strong&gt;SimpleSAMLphp board documents&lt;/strong&gt;: The board have published documents detailing the &lt;a href=&quot;https://github.com/simplesamlphp/governance/blob/main/docs/SimpleSAMLphp%20Strategy.md&quot;&gt;strategy and operational approach&lt;/a&gt; and a &lt;a href=&quot;https://github.com/simplesamlphp/governance/blob/main/docs/SimpleSAMLphp%20-%20Funding%20Solicitation.md&quot;&gt;funding solicitation&lt;/a&gt; for those who wish to support the project.&lt;/p&gt;
@@ -109,16 +138,5 @@
 
       </item>
 
-      <item>
-        <title>Simplesamlphp 2.0.0rc2</title>
-        <description>&lt;p&gt;&lt;strong&gt;The second (and maybe final) release candidate for SimpleSAMLphp 2.0&lt;/strong&gt; is available. Please help us test this pre-release. Check the &lt;a href=&quot;/download&quot;&gt;downloads page&lt;/a&gt; for more information.&lt;/p&gt;
-</description>
-        <pubDate>Mon, 26 Sep 2022 00:00:00 +0000</pubDate>
-        <link>https://simplesamlphp.org/2022/09/26/SimpleSAMLphp-2.0.0rc2.html</link>
-        <guid isPermaLink="true">https://simplesamlphp.org/2022/09/26/SimpleSAMLphp-2.0.0rc2.html</guid>
-        
-        
-      </item>
-    
   </channel>
 </rss>

index.html

@@ -96,6 +96,11 @@ <h2 id="last-release">Last release</h2>
 
 <h2 id="latest-news">Latest news</h2>
 
+<p><a name="news-20241125upcoming-security-release"></a></p>
+<ul>
+  <li><em>2024-11-25</em>: Hi!</li>
+</ul>
+
 <p><a name="news-20240607sspboard-strategy-and-funding"></a></p>
 <ul>
   <li><em>2024-06-07</em>: <strong>SimpleSAMLphp board documents</strong>: The board have published documents detailing the <a href="https://github.com/simplesamlphp/governance/blob/main/docs/SimpleSAMLphp%20Strategy.md">strategy and operational approach</a> and a <a href="https://github.com/simplesamlphp/governance/blob/main/docs/SimpleSAMLphp%20-%20Funding%20Solicitation.md">funding solicitation</a> for those who wish to support the project.</li>
@@ -141,11 +146,6 @@ <h2 id="latest-news">Latest news</h2>
   <li><em>2022-12-05</em>: <strong>SimpleSAMLphp 1.19.7</strong> has been released. Please check the <a href="/download">downloads page</a> for more information.</li>
 </ul>
 
-<p><a name="news-20220926SimpleSAMLphp-2.0.0rc2"></a></p>
-<ul>
-  <li><em>2022-09-26</em>: <strong>The second (and maybe final) release candidate for SimpleSAMLphp 2.0</strong> is available. Please help us test this pre-release. Check the <a href="/download">downloads page</a> for more information.</li>
-</ul>
-
 
     </main>
 

sitemap.xml

@@ -190,6 +190,10 @@
         </url>
 
 
+        <url>
+            <loc>https://simplesamlphp.org/2024/11/25/upcoming-security-release.html</loc>
+        </url>
+  
         <url>
             <loc>https://simplesamlphp.org/2024/06/07/sspboard-strategy-and-funding.html</loc>
         </url>