Jasig Jasig CAS CAS Developers

Release Announcement: CAS Security Patches

classic Classic list List threaded Threaded
3 messages Options
Jérôme LELEU
Reply | Threaded
Open this post in threaded view
|

Release Announcement: CAS Security Patches

Jérôme LELEU
Hi,

Thanks.
Best regards,
Jérôme

--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAP279Lw1zqtJP90kD-6ibeFCf4qJMZvLSjsWOBicp11cA9EchQ%40mail.gmail.com.
Mike Osterman
Reply | Threaded
Open this post in threaded view
|

Re: Release Announcement: CAS Security Patches

Mike Osterman
Thanks, Jérôme! 

Based on the opening statement of "affects the handling of secret keys with Google Authenticator for multifactor authentication" is it safe to assume that this only affects CAS implementations that use Google Authenticator for MFA (as opposed to Duo or another MFA implementation)?

Thank you,
Mike

On Thu, Oct 15, 2020 at 2:32 AM Jérôme LELEU <[hidden email]> wrote:
Hi,

Thanks.
Best regards,
Jérôme

--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAP279Lw1zqtJP90kD-6ibeFCf4qJMZvLSjsWOBicp11cA9EchQ%40mail.gmail.com.

--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAEdMQHV5PHPo4zJ_Py59ubsBtdLAa3d7VgGB9fpnx9m1StPHiQ%40mail.gmail.com.
Jérôme LELEU
Reply | Threaded
Open this post in threaded view
|

Re: Release Announcement: CAS Security Patches

Jérôme LELEU
Hi,

Yes, exactly, this only affects the Google Authenticator MFA support.
Thanks.
Best regards,
Jérôme


Le jeu. 15 oct. 2020 à 22:13, Mike Osterman <[hidden email]> a écrit :
Thanks, Jérôme! 

Based on the opening statement of "affects the handling of secret keys with Google Authenticator for multifactor authentication" is it safe to assume that this only affects CAS implementations that use Google Authenticator for MFA (as opposed to Duo or another MFA implementation)?

Thank you,
Mike

On Thu, Oct 15, 2020 at 2:32 AM Jérôme LELEU <[hidden email]> wrote:
Hi,

Thanks.
Best regards,
Jérôme

--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAP279Lw1zqtJP90kD-6ibeFCf4qJMZvLSjsWOBicp11cA9EchQ%40mail.gmail.com.

--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/CAP279Lw1xZCcMBRDm2_dmb2JVTxKF7eTr_wWj0cQo0UEE1%2BimQ%40mail.gmail.com.
Free forum by Nabble Edit this page