python-pysaml2 4.5.0-4+deb10u1 source package in Debian
Changelog
python-pysaml2 (4.5.0-4+deb10u1) buster-security; urgency=medium
* CVE-2020-5390: does not check that the signature in a SAML document is
enveloped and thus signature wrapping is effective, i.e., it is affected by
XML Signature Wrapping (XSW). Applied upstream patch: Fix XML Signature
Wrapping (XSW) vulnerabilities (Closes: #949322).
* Remove a test file that will fail past 2020-11-28 (Closes: #949227).
* Add fix-importing-mock-in-py2.7.patch.
* Add remove-test_switch_1.patch.
-- Thomas Goirand <email address hidden> Fri, 07 Feb 2020 09:27:20 +0100
Upload details
- Uploaded by:
- Debian OpenStack
- Uploaded to:
- Buster
- Original maintainer:
- Debian OpenStack
- Architectures:
- all
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Buster | release | main | misc |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-pysaml2_4.5.0-4+deb10u1.dsc | 2.9 KiB | 7666259a25a9a905927bd07e3770bc51a2b11a354fc88eb144caa5060ef197ce |
| python-pysaml2_4.5.0.orig.tar.xz | 2.6 MiB | 3e1a807fc82998883d8648624fabcda57a446a198e297c36a14e7969c4c2ddc1 |
| python-pysaml2_4.5.0-4+deb10u1.debian.tar.xz | 14.9 KiB | c09d116988a6af9273c4f2a8a7b59b07d619ae0144e822f50b0900049a187b19 |
No changes file available.
