ubuntu/+source/python-pysaml2:applied/ubuntu/xenial-devel

Last commit made on 2020-01-21
Get this branch:
git clone -b applied/ubuntu/xenial-devel https://git.launchpad.net/ubuntu/+source/python-pysaml2
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-devel
Repository:
lp:ubuntu/+source/python-pysaml2

Recent commits

04c34cf... by Leonidas S. Barbosa on 2020-01-20

Import patches-applied version 3.0.0-3ubuntu1.16.04.4 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 158973d216ea05d1d6d1fabe5958fee8081381b0
Unapplied parent: 1e112505177801a40da7fe09d9a483bb1b0315be

New changelog entries:
  * SECURITY UPDATE: Signature in SAML doc not checked properly
    - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping
      (XSW) in src/saml2/sigver.py.
    - CVE-2020-5390

1e11250... by Leonidas S. Barbosa on 2020-01-20

[PATCH] Fix XML Signature Wrapping (XSW) vulnerabilities

Gbp-Pq: CVE-2020-5390.patch.

dac8277... by Leonidas S. Barbosa on 2020-01-20

[PATCH] Applied proposal by jozef@github. Pull request 301. Fixed

Gbp-Pq: fix-test-41-response.patch.

f2ac0df... by Leonidas S. Barbosa on 2020-01-20

[PATCH] Quick fix for the authentication bypass due to optimizations

Gbp-Pq: CVE-2017-1000433.patch.

ecd40eb... by Leonidas S. Barbosa on 2020-01-20

[PATCH] Fixed test

Gbp-Pq: fix-tests.patch.

e6891a1... by Leonidas S. Barbosa on 2020-01-20

[PATCH] Fix XXE in XML parsing (related to #366)

Gbp-Pq: CVE-2016-10149.patch.

c06efb0... by Leonidas S. Barbosa on 2020-01-20

disable-repoze.who-tests.patch

No DEP3 Subject or Description header found

Gbp-Pq: disable-repoze.who-tests.patch.

f9d9faf... by Leonidas S. Barbosa on 2020-01-20

Import patches-unapplied version 3.0.0-3ubuntu1.16.04.4 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9bf8730d6da682023c901850b42914b337721a8b

New changelog entries:
  * SECURITY UPDATE: Signature in SAML doc not checked properly
    - debian/patches/CVE-2020-5390.patch: fix XML signature wrapping
      (XSW) in src/saml2/sigver.py.
    - CVE-2020-5390

158973d... by Leonidas S. Barbosa on 2018-01-05

Import patches-applied version 3.0.0-3ubuntu1.16.04.3 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: e33acf0a10bf2d45c3fbd3b263763a0a66711e60
Unapplied parent: ef69208255ec8a0e0b2360a6b3a6a61ba3d11a8c

New changelog entries:
  * SECURITY UPDATE: Any password can be used if optimizations are enabled
    - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due
      to optimizations in src/saml2/authn.py.
    - CVE-2017-1000433
  * Adding fix for test 41 response
    - debian/patches/fix-test-41-response.patch

9bf8730... by Leonidas S. Barbosa on 2018-01-05

Import patches-unapplied version 3.0.0-3ubuntu1.16.04.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: ab81305e80e59cec22e75ac2862553dfaa8ceabd

New changelog entries:
  * SECURITY UPDATE: Any password can be used if optimizations are enabled
    - debian/patches/CVE-2017-1000433.patch: fixes authentication bypass due
      to optimizations in src/saml2/authn.py.
    - CVE-2017-1000433
  * Adding fix for test 41 response
    - debian/patches/fix-test-41-response.patch