UbuntuUpdates.org

Package "python-lasso"

Name: python-lasso

Description:

Library for Liberty Alliance and SAML protocols - Python bindings

Latest version: 2.5.1-0ubuntu1.2
Release: bionic (18.04)
Level: security
Repository: universe
Head package: lasso
Homepage: http://lasso.entrouvert.org

Links


Download "python-lasso"


Other versions of "python-lasso" in Bionic

Repository Area Version
base universe 2.5.1-0ubuntu1
updates universe 2.5.1-0ubuntu1.2

Changelog

Version: 2.5.1-0ubuntu1.2 2021-06-02 05:06:24 UTC

  lasso (2.5.1-0ubuntu1.2) bionic-security; urgency=medium

  * SECURITY UPDATE: unsigned assertions after signed valid assertions
    are honored.
    - d/p/CVE-2021-28091.patch: Fix signature checking on unsigned
      response with multiple assertions
    - CVE-2021-28091

 -- Steve Beattie <email address hidden> Fri, 28 May 2021 14:56:48 -0700

CVE-2021-28091 XML signature wrapping vulnerability when parsing SAML responses



About   -   Send Feedback to @ubuntu_updates