Package "python-pysaml2"

Name: python-pysaml2


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • SAML Version 2 to be used in a WSGI environment - doc
  • SAML Version 2 to be used in a WSGI environment - Python 3.x

Latest version: 4.5.0+dfsg1-0ubuntu2.19.10.1
Release: eoan (19.10)
Level: updates
Repository: main


Other versions of "python-pysaml2" in Eoan

Repository Area Version
base universe 4.5.0+dfsg1-0ubuntu2
base main 4.5.0+dfsg1-0ubuntu2
security main 4.5.0+dfsg1-0ubuntu2.19.10.1
security universe 4.5.0+dfsg1-0ubuntu2.19.10.1
updates universe 4.5.0+dfsg1-0ubuntu2.19.10.1

Packages in group

Deleted packages are displayed in grey.


Version: 4.5.0+dfsg1-0ubuntu2.19.10.1 2020-01-21 19:07:20 UTC

  python-pysaml2 (4.5.0+dfsg1-0ubuntu2.19.10.1) eoan-security; urgency=medium

  * SECURITY UPDATE: Signature in SAML doc not checked properly
    - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping
      (XSW) in src/saml2/sigver.py, tests/saml2_response_xsw.xml,
    - CVE-2020-5390
  * Fixing test_41_response
    - debian/patches/Fix-test-41-that-now-depend-on-acual-datetime.patch:
      Fix test that depended on actual datetime in tests/test_41_response.py.

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 21 Jan 2020 09:39:08 -0300

CVE-2020-5390 PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected

About   -   Send Feedback to @ubuntu_updates