Releases: SAML-Toolkits/php-saml
Releases · SAML-Toolkits/php-saml
OneLogin's SAML PHP Toolkit v3.8.2
- Update xmlseclibs version requirement to 3.1.5 due CVE-2026-32313
- Force Fix phpunit > 8.5.51 due GHSA-vvj3-c3rp-c85p. Adapt tests to work with that phpunit version
- Drop support PHP < 7.2
OneLogin's SAML PHP Toolkit v4.3.2
- Updates xmlseclibs to 3.1.5 due CVE-2026-32313
OneLogin's SAML PHP Toolkit v2.21.2
The version 2.21.1 was released with the wrong version.json file and missed Changelog.
The 2.21.2 version has the same code than 2.21.2 but set right version and update Changelog
OneLogin's SAML PHP Toolkit v4.3.1
- Update xmlseclibs version requirement to 3.1.4 due CVE-2025-66475
OneLogin's SAML PHP Toolkit v3.8.1
Security:
- Update xmlseclibs version requirement to 3.1.4 due CVE-2025-66475
OneLogin's SAML PHP Toolkit v2.21.1
Security:
- Fix xmlseclibs vulnerability CVE-2025-66475
OneLogin's SAML PHP Toolkit v4.3.0
- PHP 8.4 Compatibility via #600 and #607.
- #619 Add Parameter checking on validateBinarySign, inspired on CVE-2025-27773
- #603 Fix typo in ignoreValidUntil that breaks metadata. Add parameter to exclude validUntil on Settings getSPMetadata
- #594 Add support for encrypted name id in encrypted assertion
- Fix buildWithBaseURLPath. See #581
- Doc fix typo
- Remove Travis CI references
OneLogin's SAML PHP Toolkit v3.8.0
- #619 Add Parameter checking on validateBinarySign, inspired on CVE-2025-27773
- #603 Fix typo in ignoreValidUntil that breaks metadata. Add parameter to exclude validUntil on Settings getSPMetadata
- #594 Add support for encrypted name id in encrypted assertion
- Fix buildWithBaseURLPath. See #581
- Doc fix typo
- Remove Travis CI references
OneLogin's SAML PHP Toolkit v2.21.0
- #619 Add Parameter checking on validateBinarySign, inspired on CVE-2025-27773
- #603 Fix typo in ignoreValidUntil that breaks metadata. Add parameter to exclude validUntil on Settings getSPMetadata
- #594 Add support for encrypted name id in encrypted assertion
- Fix buildWithBaseURLPath. See #581
- Doc fix typo
- Remove Travis CI references
OneLogin's SAML PHP Toolkit v4.2.0
- #586 IdPMetadataParser::parseRemoteXML - Add argument for setting whether to validate peer SSL certificate
- #585 Declare conditional return types
- #577 Allow empty NameID value when no strict or wantNameId is false
- #570 Support X509 cert comments
- #569 Add parameter to exclude validUntil on SP Metadata XML
- #551 Fix compatibility with proxies that extends HTTP_X_FORWARDED_HOST
- LogoutRequest and the LogoutResponse object to separate functions
- Make Saml2\Auth can accept a param $spValidationOnly
- Fix typos on readme.
- #480 Fix typo on SPNameQualifier mismatch error message
- Remove unbound version constraints on xmlseclibs
- Update dependencies
- Fix test payloads
- Remove references to OneLogin.