Thanks, Jérôme! Based on the opening statement of "affects the handling of secret keys with Google Authenticator for multifactor authentication" is it safe to assume that this only affects CAS implementations that use Google Authenticator for MFA (as opposed to Duo or another MFA implementation)?
Thank you, Mike On Thu, Oct 15, 2020 at 2:32 AM Jérôme LELEU <[email protected]> wrote: > Hi, > > Please see: https://apereo.github.io/2020/10/14/gauthvuln/ > Thanks. > Best regards, > Jérôme > > -- > You received this message because you are subscribed to the Google Groups > "CAS Developer" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAP279Lw1zqtJP90kD-6ibeFCf4qJMZvLSjsWOBicp11cA9EchQ%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAP279Lw1zqtJP90kD-6ibeFCf4qJMZvLSjsWOBicp11cA9EchQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "CAS Developer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAEdMQHV5PHPo4zJ_Py59ubsBtdLAa3d7VgGB9fpnx9m1StPHiQ%40mail.gmail.com.
