Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
The dvd_digid module uses the SimpleSAMLphp library version 1.11.0. This release was tagged on Nov 19, 2013 and has received several updates since, including several security releases.
Proposed resolution
Update the SimpleSAMLphp library to 1.14.11, so DigiD uses the most secure code.
Remaining tasks
- Write a patch
- Review
- Commit
User interface changes
Hopefully none.
API changes
Notable changes in the library:
- Remove "override.host" config option (https://github.com/simplesamlphp/simplesamlphp/issues/2)
Data model changes
None.
Comment | File | Size | Author |
---|---|---|---|
#4 | dvg-simplesamlphp_digid_fix-2857549-2.patch | 607 bytes | idebr |
#3 | dvg-simplesamlphp_update-2857549-3.patch | 1.34 KB | idebr |
Comments
Comment #2
idebr CreditAttribution: idebr at ezCompany commentedAdded notable change: Remove "override.host" config option (https://github.com/simplesamlphp/simplesamlphp/issues/2)
Comment #3
idebr CreditAttribution: idebr at ezCompany commentedImportant release notes for the upgrade path:
Comment #4
idebr CreditAttribution: idebr at ezCompany commentedUploaded 'dvg-simplesamlphp_digid_fix-2857549-2.patch'
Comment #6
ralphvdhoudt CreditAttribution: ralphvdhoudt at ezCompany commentedCommitted added info about update in #2831698: Release 1.1
Comment #7
ralphvdhoudt CreditAttribution: ralphvdhoudt at ezCompany commented