Security advisory: Kopano Konnect & external SAML authority support

December 14, 2020

On monday the 14th of december the Mattermost team concluded their effort of a joined disclosure of issues found in a popular Golang XML parser also used in Kopano Konnect.

Users of Kopano Konnect who are using a SAML authority to sign into Konnect are recommended to update Konnect to version 0.33.11 or later.

The upstream advisory can be found at crewjam/saml – GHSA-4hq8-gmxx-h6w9

Affected products:

Kopano Konnect < 0.33.11

References:

Frequently asked questions (FAQ)

How many users do I need to purchase?

Kopano Basic includes a minium of 10 users and Kopano Professional includes a minimum of 20 users in its base packages. For Kopano Enterprise it is 50 users. Our licenses for additional users increase by an increment of 5 users.

I have another question! / I want to know more!

Please send us your question via the form below. We will contact you as soon as possible. If you want to reach out to us on specific / longer topics, please use our contact form!