Security Advisories for Shibboleth Service Providers in the UK federation: second advisory

Posted on Monday, 17 August 2009

This advisory addresses an issue with incorrect handling of the "use" attribute in metadata <KeyDescriptor> elements. We do not believe that a service provider deployed purely within the UK federation (i.e., consuming only UK federation metadata) would be affected by this issue. Edited by SteveGlover on 12 May 2010, at 02:58 PM