Package "python-pysaml2"

Name:	python-pysaml2
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: SAML Version 2 to be used in a WSGI environment - Python 3.x
Latest version:	3.0.0-3ubuntu1.16.04.4
Release:	xenial (16.04)
Level:	security
Repository:	universe

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "python-pysaml2" in Xenial

Repository	Area	Version
base	universe	3.0.0-3ubuntu1
base	main	3.0.0-3ubuntu1
security	main	3.0.0-3ubuntu1.16.04.4
updates	main	3.0.0-3ubuntu1.16.04.4
updates	universe	3.0.0-3ubuntu1.16.04.4

Packages in group

Deleted packages are displayed in grey.

python3-pysaml2

Changelog

Version: 3.0.0-3ubuntu1.16.04.4 2020-01-22 20:07:07 UTC

python-pysaml2 (3.0.0-3ubuntu1.16.04.4) xenial-security; urgency=medium * SECURITY UPDATE: Signature in SAML doc not checked properly - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping (XSW) in src/saml2/sigver.py. - CVE-2020-5390 -- <email address hidden> (Leonidas S. Barbosa) Mon, 20 Jan 2020 14:04:48 -0300

Source diff to previous version

CVE-2020-5390

PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected

Version: 3.0.0-3ubuntu1.16.04.3 2018-01-08 18:06:26 UTC

Version: 3.0.0-3ubuntu1.16.04.3	2018-01-08 18:06:26 UTC
`python-pysaml2 (3.0.0-3ubuntu1.16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Any password can be used if optimizations are enabled - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due to optimizations in src/saml2/authn.py. - CVE-2017-1000433 * Adding fix for test 41 response - debian/patches/fix-test-41-response.patch -- <email address hidden> (Leonidas S. Barbosa) Fri, 05 Jan 2018 09:28:02 -0300`
Source diff to previous version

python-pysaml2 (3.0.0-3ubuntu1.16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: Any password can be used if optimizations are enabled - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due to optimizations in src/saml2/authn.py. - CVE-2017-1000433 * Adding fix for test 41 response - debian/patches/fix-test-41-response.patch -- <email address hidden> (Leonidas S. Barbosa) Fri, 05 Jan 2018 09:28:02 -0300

Source diff to previous version

Version: 3.0.0-3ubuntu1.16.04.1	2017-08-24 13:06:40 UTC
No changelog available yet.

About - Send Feedback to @ubuntu_updates

Package "python-pysaml2"

Links

Other versions of "python-pysaml2" in Xenial

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

security

PPA updates