LemonLDAP::NG 1.9.20 is out!

This is a minor release for LemonLDAP::NG 1.9 with some bugfixes and security fixes:

• Fix CDA (CrossDomain Authentication) which was broken with a security fix done in 1.9.19
• [Security:medium] XXE vulnerability in SOAP notification server

This security issue affects you if you have enabled notifications and are using the SOAP notification server to create them. See CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13031

The full changelog can be seen here: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/milestones/65

Download: https://release.ow2.org/lemonldap/

Note that 1.9 is the old stable version, you are encouraged to migrate your installation to 2.0 version, following this documentation: https://lemonldap-ng.org/documentation/latest/upgrade

They made this release:

• Core team: Maxime Besson, Xavier Guimard, Christophe Maudoux and Clément Oudot
• Organizations: Gendarmerie Nationale, Worteks, Orange
• Community: Jérémie Pierson

If you use LemonLDAP::NG and enjoy it, please let us know:

• https://lemonldap-ng.org/references
• https://www.openhub.net/p/lemonldap-ng
• http://alternativeto.net/software/lemonldap-ng/
• https://comptoir-du-libre.org/softwares/view/101
• https://framalibre.org/content/lemonldapng
• http://twitter.com/lemonldapng
• https://www.facebook.com/lemonldapng/