UbuntuUpdates.org

Package "python-pysaml2-doc"

Name: python-pysaml2-doc

Description:

SAML Version 2 to be used in a WSGI environment - doc

Latest version: 3.0.0-3ubuntu1.16.04.4
Release: xenial (16.04)
Level: security
Repository: main
Head package: python-pysaml2
Homepage: https://github.com/rohe/pysaml2

Links


Download "python-pysaml2-doc"


Other versions of "python-pysaml2-doc" in Xenial

Repository Area Version
base main 3.0.0-3ubuntu1
updates main 3.0.0-3ubuntu1.16.04.4

Changelog

Version: 3.0.0-3ubuntu1.16.04.4 2020-01-21 18:07:17 UTC

  python-pysaml2 (3.0.0-3ubuntu1.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: Signature in SAML doc not checked properly
    - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping
      (XSW) in src/saml2/sigver.py.
    - CVE-2020-5390

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 20 Jan 2020 14:04:48 -0300

Source diff to previous version
CVE-2020-5390 PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected

Version: 3.0.0-3ubuntu1.16.04.3 2018-01-08 18:06:24 UTC

  python-pysaml2 (3.0.0-3ubuntu1.16.04.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Any password can be used if optimizations are enabled
    - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due
      to optimizations in src/saml2/authn.py.
    - CVE-2017-1000433
  * Adding fix for test 41 response
    - debian/patches/fix-test-41-response.patch

 -- <email address hidden> (Leonidas S. Barbosa) Fri, 05 Jan 2018 09:28:02 -0300

Source diff to previous version

Version: 3.0.0-3ubuntu1.16.04.1 2017-08-24 13:06:40 UTC
No changelog available yet.



About   -   Send Feedback to @ubuntu_updates