This is a security-release of SimpleSAMLphp that involves a security vulnerability in an upstream library.
It affects those who use symmetric encryption of SAML assertions and allows an attacker to decrypt them.
For details, see: GHSA-4v26-v6cg-g6f9
Use the link below to download and verify this release. Here you can also download a package with the source code of this release.
Make sure to check the changelog and upgrade notes.
SHA256 checksum slim-release: e66dad641410539464d318476c92e509f1456a332c745de4c0d002325daf4080
SHA256 checksum full-release: 1fa1677fa58a2c241100897dac510d887930513186d921fe7df115afc430a7e9
Full Changelog: v2.4.4...v2.4.5