SUSE CVE-2017-16852

shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity...

SUSE CVE-2017-16853

The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity...

SUSE-SU-2017:3234-1 Security update for opensaml

This update for opensaml fixes the following issues: Security issue fixed: - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks bsc1068685...

UBUNTU-CVE-2017-16853

The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity...

FreeBSD : shibboleth2-sp -- 'Dynamic' metadata provider plugin issue (b4b7ec7d-ca27-11e7-a12d-6cc21735f730)

The Internet2 community reports : The Shibboleth Service Provider software includes a MetadataProvider plugin with the plugin type 'Dynamic' to obtain metadata on demand from a query server, in place of the more typical mode of downloading aggregates separately containing all of the metadata to...