Security advisory: Kopano Konnect & external SAML authority support

December 14, 2020

On monday the 14th of december the Mattermost team concluded their effort of a joined disclosure of issues found in a popular Golang XML parser also used in Kopano Konnect.

Users of Kopano Konnect who are using a SAML authority to sign into Konnect are recommended to update Konnect to version 0.33.11 or later.

The upstream advisory can be found at crewjam/saml – GHSA-4hq8-gmxx-h6w9

Affected products:

  • Kopano Konnect < 0.33.11

References:

Frequently asked questions (FAQ)

Kopano Basic and Kopano Professional include up to 10 users in its base packages. For Kopano Enterprise it is 50 users. Our licenses for additional users increase by an increment of 5 users.
Kopano ONE is a special edition of Kopano Groupware, in which all components are optimized for a quick and easy setup and start.  
Kopano ONE is supported on Debian 10 and support for RHEL 8 will be supported soon. Besides this we focus on appliances and think about containerization and virtualization.
For installations with up to 250 users we recommend Kopano ONE. For larger installations please reach out to sales to learn which edition fits best to your needs.
We are currently working on a migration path from existing Kopano Groupware installations to Kopano ONE. Please note that special requirements (everything besides directory on the same system) do apply to Kopano ONE.
Kopano Core 9 will be available in our repositories in early 2021. In the meantime you may have a look at Kopano ONE.
Kopano Core 9 will be available in our repositories in early 2021. In the meantime you may have a look at Kopano ONE.
Please send us your question via the form below. We will contact you as soon as possible. If you want to reach out to us on specific / longer topics, please use our contact form!