Security advisory: Kopano Konnect & external SAML authority support

December 14, 2020

On monday the 14th of december the Mattermost team concluded their effort of a joined disclosure of issues found in a popular Golang XML parser also used in Kopano Konnect.

Users of Kopano Konnect who are using a SAML authority to sign into Konnect are recommended to update Konnect to version 0.33.11 or later.

The upstream advisory can be found at crewjam/saml – GHSA-4hq8-gmxx-h6w9

Affected products:

  • Kopano Konnect < 0.33.11

References:

Frequently asked questions (FAQ)

Kopano Basic includes a minium of 10 users and Kopano Professional includes a minimum of 20 users in its base packages. For Kopano Enterprise it is 50 users. Our licenses for additional users increase by an increment of 5 users.
Please send us your question via the form below. We will contact you as soon as possible. If you want to reach out to us on specific / longer topics, please use our contact form!