python-pysaml2 4.0.2-0ubuntu3.2 source package in Ubuntu
Changelog
python-pysaml2 (4.0.2-0ubuntu3.2) bionic-security; urgency=medium
* SECURITY UPDATE: improper verification of cryptographic signature
- debian/patches/CVE-2021-21239.patch: restrict the key data that
xmlsec1 accepts to only x509 certs in src/saml2/sigver.py,
tests/test_xmlsec1_key_data.py,
tests/xmlsec1-keydata/signed-assertion-random-embedded-cert.xml,
tests/xmlsec1-keydata/signed-assertion-with-hmac.xml,
tests/xmlsec1-keydata/signed-response-with-hmac.xml.
- CVE-2021-21239
* debian/patches/update-test-metadata-expiration.patch: update test
metadata expiration date in tests/metadata.aaitest.xml.
* debian/patches/update-test-metadata-expiration-2.patch: allow tests to
pass after 2020 in tests/InCommon-metadata.xml, tests/metadata.xml,
tests/swamid-2.0.xml, tests/vo_metadata.xml.
-- Marc Deslauriers <email address hidden> Tue, 22 Jun 2021 11:16:50 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | misc | |
| Bionic | security | main | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-pysaml2_4.0.2.orig.tar.gz | 13.0 MiB | 24cec8dbc20a7772854563ffc9a19297afcc38c4c7558c063b4c8c302f8a958b |
| python-pysaml2_4.0.2-0ubuntu3.2.debian.tar.xz | 21.4 KiB | 9bb97e1fbbaa22e154ec0fb2ac1b2acb05a2e3d6a9aaecbf7e023a1e68358339 |
| python-pysaml2_4.0.2-0ubuntu3.2.dsc | 2.8 KiB | e548eb8a844713b5007268f10b9a70789a4dde414cc9fced83430f694907de90 |
Available diffs
Binary packages built by this source
- python-pysaml2: SAML Version 2 to be used in a WSGI environment - Python 2.x
This package provides a Python implementation of SAML Version 2 to be used in
a WSGI environment.
.
From wikipedia: Security Assertion Markup Language 2.0 (SAML 2.0) is a version
of the SAML standard for exchanging authentication and authorization data
between security domains. SAML 2.0 is an XML-based protocol that uses security
tokens containing assertions to pass information about a principal (usually an
end user) between a SAML authority, that is, an identity provider, and a SAML
consumer, that is, a service provider. SAML 2.0 enables web-based
authentication and authorization scenarios including cross-domain single
sign-on (SSO), which helps reduce the administrative overhead of distributing
multiple authentication tokens to the user.
.
This package contains the Python 2.x module.
- python-pysaml2-doc: SAML Version 2 to be used in a WSGI environment - doc
This package provides a Python implementation of SAML Version 2 to be used in
a WSGI environment.
.
From wikipedia: Security Assertion Markup Language 2.0 (SAML 2.0) is a version
of the SAML standard for exchanging authentication and authorization data
between security domains. SAML 2.0 is an XML-based protocol that uses security
tokens containing assertions to pass information about a principal (usually an
end user) between a SAML authority, that is, an identity provider, and a SAML
consumer, that is, a service provider. SAML 2.0 enables web-based
authentication and authorization scenarios including cross-domain single
sign-on (SSO), which helps reduce the administrative overhead of distributing
multiple authentication tokens to the user.
.
This package contains the documentation.
- python3-pysaml2: SAML Version 2 to be used in a WSGI environment - Python 3.x
This package provides a Python implementation of SAML Version 2 to be used in
a WSGI environment.
.
From wikipedia: Security Assertion Markup Language 2.0 (SAML 2.0) is a version
of the SAML standard for exchanging authentication and authorization data
between security domains. SAML 2.0 is an XML-based protocol that uses security
tokens containing assertions to pass information about a principal (usually an
end user) between a SAML authority, that is, an identity provider, and a SAML
consumer, that is, a service provider. SAML 2.0 enables web-based
authentication and authorization scenarios including cross-domain single
sign-on (SSO), which helps reduce the administrative overhead of distributing
multiple authentication tokens to the user.
.
This package contains the Python 3.x module.
