OIOSAML.NET version 1.7.4
Releasedate: 21. November 2011
This release contains a security fix for a vulnerability found in the XML Encryption standard.
Version1.7.4 of OIOSAML.NET attempts to prevent this attack by hiding the details of errors to the end-user. The full error details are still accessible from the logfiles.
For debugging/testing purposes, it is possible to show all error messages in the browser as normal, by enabling this with the following new setting in web.config.
Filer og referencer