Описание
ELSA-2021-2989: lasso security update (IMPORTANT)
[2.5.1-8]
- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses
[2.5.1-7]
- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses
[2.5.1-6]
- Resolves: #1963855 - CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
lasso
2.5.1-8.el7_9
lasso-devel
2.5.1-8.el7_9
lasso-python
2.5.1-8.el7_9
Oracle Linux x86_64
lasso
2.5.1-8.el7_9
lasso-devel
2.5.1-8.el7_9
lasso-python
2.5.1-8.el7_9
Связанные CVE
Связанные уязвимости
CVSS3: 7.5
ubuntu
около 4 лет назад
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
CVSS3: 8.8
redhat
около 4 лет назад
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
CVSS3: 7.5
nvd
около 4 лет назад
Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
CVSS3: 7.5
debian
около 4 лет назад
Lasso all versions prior to 2.7.0 has improper verification of a crypt ...