python-pysaml2 4.5.0-4+deb10u1 source package in Debian
Changelog
python-pysaml2 (4.5.0-4+deb10u1) buster-security; urgency=medium * CVE-2020-5390: does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). Applied upstream patch: Fix XML Signature Wrapping (XSW) vulnerabilities (Closes: #949322). * Remove a test file that will fail past 2020-11-28 (Closes: #949227). * Add fix-importing-mock-in-py2.7.patch. * Add remove-test_switch_1.patch. -- Thomas Goirand <email address hidden> Fri, 07 Feb 2020 09:27:20 +0100
Upload details
- Uploaded by:
- Debian OpenStack
- Uploaded to:
- Buster
- Original maintainer:
- Debian OpenStack
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Buster | release | main | misc |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-pysaml2_4.5.0-4+deb10u1.dsc | 2.9 KiB | 7666259a25a9a905927bd07e3770bc51a2b11a354fc88eb144caa5060ef197ce |
python-pysaml2_4.5.0.orig.tar.xz | 2.6 MiB | 3e1a807fc82998883d8648624fabcda57a446a198e297c36a14e7969c4c2ddc1 |
python-pysaml2_4.5.0-4+deb10u1.debian.tar.xz | 14.9 KiB | c09d116988a6af9273c4f2a8a7b59b07d619ae0144e822f50b0900049a187b19 |
No changes file available.