[CRITICAL] Incorrect persistent NameID generation

PKSA-1258-5phg-53sm CVE-2017-12873 GHSA-gp2m-7cfp-h6gf

Affected package: simplesamlphp/simplesamlphp

Affected version: >=1.7.0,<1.14.11

Reported by:
GitHub, FriendsOfPHP/security-advisories