UbuntuUpdates.org

Package "lasso"

Name: lasso

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Library for Liberty Alliance and SAML protocols - runtime library
  • Library for Liberty Alliance and SAML protocols - development kit

Latest version: 2.6.0-7ubuntu1.2
Release: focal (20.04)
Level: updates
Repository: main

Links



Other versions of "lasso" in Focal

Repository Area Version
base main 2.6.0-7ubuntu1
security main 2.6.0-7ubuntu1.2
security universe 2.6.0-7ubuntu1.2
updates universe 2.6.0-7ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.6.0-7ubuntu1.2 2021-06-02 05:06:28 UTC

  lasso (2.6.0-7ubuntu1.2) focal-security; urgency=medium

  * SECURITY UPDATE: unsigned assertions after signed valid assertions
    are honored.
    - d/p/CVE-2021-28091.patch: Fix signature checking on unsigned
      response with multiple assertions
    - CVE-2021-28091

 -- Steve Beattie <email address hidden> Fri, 28 May 2021 14:49:51 -0700

Source diff to previous version
CVE-2021-28091 XML signature wrapping vulnerability when parsing SAML responses

Version: 2.6.0-7ubuntu1.1 2020-10-20 14:06:22 UTC

  lasso (2.6.0-7ubuntu1.1) focal; urgency=medium

  * d/p/Fix-ECP-signature-not-found-error-when-only-assertion.patch:
    Cherry-picked from upstream bugfix for handling authn responses correctly
    (LP: #1897117).

 -- Chris MacNaughton <email address hidden> Fri, 25 Sep 2020 14:29:11 +0000

1897117 [SRU] liblasso3 on Bionic fails to process the ECP authn response



About   -   Send Feedback to @ubuntu_updates