Dear Community Member,
With the recent vulnerability found in the Lasso library
(CVE-2021-28091), which PacketFence uses to do SAML-based authentication
on its captive portal, we urge you to temporarily disable this
authentication source from your captive portal until updated packages
are available for your operating system of choice.
If you are NOT using SAML authentication on your captive portal, you are
not affected by this bug.
In order to have the full fix for these issues, you must update the
Lasso packages to v2.7.0 or later. We also recommend that you unregister
devices that were registered through this registration option.
If you need further assistance on this issue, please use the mailing
list. Thanks,
The Inverse team
--
Ludovic Marcotte
lmarco...@inverse.ca :: +1.514.755.3630 :: https://inverse.ca
Inverse inc. :: Leaders behind SOGo (https://sogo.nu), PacketFence
(https://packetfence.org) and Fingerbank (https://fingerbank.org)
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
