[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[upki-fed:01087] 【補足情報】【注意喚起】Shibboleth IdPの脆弱性について
- Subject: [upki-fed:01087] 【補足情報】【注意喚起】Shibboleth IdPの脆弱性について
- Date: Mon, 21 Nov 2016 18:11:38 +0900
- From: 国立情報学研究所 学認事務局 野田 <xxxxxxxxxxxxxx@xxxxxxxxx>
$B3XG'>pJs8r49(BML$B;22CpJs3X8&5f=j!!3XG';vL36I$NLnED$G$9!#(B
$B$$$D$b3XG'$N1?1D$K$46(NO2<$5$j!$$"$j$,$H$&$4$6$$$^$9!#(B
2016$BG/(B11$B7n(B1$BF|IU$G%"%J%&%s%9$$$?$7$^$7$?(B
$B!V(BShibboleth IdP$B!W$N(BLDAP result caching$B5!G=$N@HpJs$r$*CN$i$;$$$?$7$^$9!#(B
2016$BG/(B11$B7n(B11$BF|$K(BShibboleth IdP V3.3.0([2])$B$,%j%j!<%9$5$l$^$7$?!#(B
LDAP result caching$B5!G=$,I,MW$J5!4X$K$*$+$l$^$7$F$O!$(B3.3.0$B%j%j!<%98e$K(B
$B%"%C%W%G!<%H$r9T$C$?>e$G!$2~$a$F(B<ResultCache>$BMWAG$r@_Dj$7$F$/$@$5$$!#(B
$B$^$?!$(BV3.3.0$B$G$O!V(BLDAP$B@\B3$K%?%$%`%"%&%H$,@_Dj$5$l$F$*$i$:!$DL?.4D6-$,(B
$BIT0BDj$J>l9g$K%m%C%/$9$k!WIT6q9g$K$D$$$F$b=$@5$5$l$F$$$^$9!#(B([3][4][5])
$B;29M>pJs(B:
[1] [upki-fed:01079] $B!ZCm0U4-5/![(BShibboleth IdP$B$N@Hhttps://www.gakunin.jp/ml-archives/upki-fed/msg01067.html
[2] Shibboleth Identity Provider V3.3.0 Released
https://wiki.shibboleth.net/confluence/display/NEWS/2016/11/10/Shibboleth+Identity+Provider+V3.3.0+Released
[3] shibboleth-users ML
https://marc.info/?t=147387654300001&r=1&w=2
[4] GitHub vt-middleware/ldaptive
https://github.com/vt-middleware/ldaptive/issues/81
[5] Set default responseTimeout for LDAP auth
https://issues.shibboleth.net/jira/browse/IDP-986
On 2016/11/01 10:34, $B3XG';vL36I!!Kv1J(B wrote:
$B3XG'>pJs8r49%a!<%j%s%0%j%9%H;22CpJs3X8&5f=j!!3XG';vL36I$G$9!#(B
$BJ?AG$h$j3XG'$N1?1D$K$46(NO$r;r$j!$$"$j$,$H$&$4$6$$$^$9!#(B
Shibboleth Project$B$h$j!$(BShibboleth IdP$B$K4X$9$k@Hl9g(B
$B$K$O!$K\@Hl9g$O(B<ResultCache>$BMWAG$rDj5A$7$F(B
$B$$$^$;$s!#(B
Shibboleth IdP$B$N@_Dj$r$43NG'$$$?$@$-!$(B<ResultCache>$BMWAG$rDj5A$5$l$F$$$k(B
$B>l9g$K$O2<5-$N$4BP1~$r$*4j$$$$$?$7$^$9!#(B
----------------------------------------------------------------------
- attribute-resolver.xml$B$+$i(B<ResultCache>$BMWAG$r:o=|$7$F(BShibboleth IdP$B$r(B
$B:F5/F0$7!$(BLDAP result caching$B5!G=$rL58z2=$7$F$/$@$5$$!#(B
- $BK\@Hl9g$O!$(B3.3.0$B%j%j!<%98e$K%"%C%W%G!<%H$r(B
$B!!9T$C$?>e$G!$2~$a$F(B<ResultCache>$BMWAG$r@_Dj$7$F$/$@$5$$!#(B
----------------------------------------------------------------------
$B>\:Y$O0J2<$N;29M>pJs$r$4;2>H$/$@$5$$!#(B
$B;29M>pJs(B:
[1] Shibboleth Identity Provider Security Advisory [27 October 2016]
http://shibboleth.net/community/advisories/secadv_20161027.txt
--
=========================================================
$B!!9qN)>pJs3X8&5f=j(B $B3X=Q4pHW2](B $B3XG';vL36I!!!JC4Ev!'LnED!K(B
$B!!(BTEL$B!'(B03-4212-2218$B!!(xxxxxxxxxxxxxxx@xxxxxxxxx
$B!!3XG'(BWeb$B%Z!<%8(B https://www.gakunin.jp/
$B!!?=@A%7%9%F%`(B https://office.gakunin.nii.ac.jp/
=========================================================