[ubuntu/impish-proposed] python-pysaml2 6.1.0-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Wed Sep 8 13:35:12 UTC 2021 

python-pysaml2 (6.1.0-0ubuntu2) impish; urgency=medium

  * SECURITY UPDATE: improper verification of cryptographic signature
    - debian/patches/CVE-2021-21239.patch: restrict the key data that
      xmlsec1 accepts to only x509 certs in src/saml2/sigver.py,
      tests/test_xmlsec1_key_data.py,
      tests/xmlsec1-keydata/signed-assertion-random-embedded-cert.xml,
      tests/xmlsec1-keydata/signed-assertion-with-hmac.xml,
      tests/xmlsec1-keydata/signed-response-with-hmac.xml.
    - CVE-2021-21239
  * debian/patches/python39compat.patch: fix FTBFS with Python 3.9.

Date: Wed, 08 Sep 2021 09:24:25 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-pysaml2/6.1.0-0ubuntu2
-------------- next part --------------
Format: 1.8
Date: Wed, 08 Sep 2021 09:24:25 -0400
Source: python-pysaml2
Built-For-Profiles: noudeb
Architecture: source
Version: 6.1.0-0ubuntu2
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 python-pysaml2 (6.1.0-0ubuntu2) impish; urgency=medium
 .
   * SECURITY UPDATE: improper verification of cryptographic signature
     - debian/patches/CVE-2021-21239.patch: restrict the key data that
       xmlsec1 accepts to only x509 certs in src/saml2/sigver.py,
       tests/test_xmlsec1_key_data.py,
       tests/xmlsec1-keydata/signed-assertion-random-embedded-cert.xml,
       tests/xmlsec1-keydata/signed-assertion-with-hmac.xml,
       tests/xmlsec1-keydata/signed-response-with-hmac.xml.
     - CVE-2021-21239
   * debian/patches/python39compat.patch: fix FTBFS with Python 3.9.
Checksums-Sha1:
 fc89ee8202c558e2bb224ac2f19ff5bfb923e9ab 2576 python-pysaml2_6.1.0-0ubuntu2.dsc
 c0a258ffc651552723a54e143200ce5edcc3c9ad 12740 python-pysaml2_6.1.0-0ubuntu2.debian.tar.xz
 80c056316f758d6fe6cde61a3f9e591d4aa907bf 7934 python-pysaml2_6.1.0-0ubuntu2_source.buildinfo
Checksums-Sha256:
 1b93a05589f0a7bc2b455cb25162d83089426f2f0ac28b2d0079fbf214fcc0ed 2576 python-pysaml2_6.1.0-0ubuntu2.dsc
 8c326210ff17303dec90d2d0479764c177e4dd2876de943cc7a5a5ba7e93cdd0 12740 python-pysaml2_6.1.0-0ubuntu2.debian.tar.xz
 f97d73158b81fa904f0c8bd7912be61be1dda4e1cda075eb5eec1192443c3f77 7934 python-pysaml2_6.1.0-0ubuntu2_source.buildinfo
Files:
 07e6241e3bfa17f519d7840cff9771b2 2576 python optional python-pysaml2_6.1.0-0ubuntu2.dsc
 3180ca87aecd2b62bd865d4af187beba 12740 python optional python-pysaml2_6.1.0-0ubuntu2.debian.tar.xz
 5dc4713916806f055c5ba0b2544786bc 7934 python optional python-pysaml2_6.1.0-0ubuntu2_source.buildinfo
Original-Maintainer: PKG OpenStack <openstack-devel at lists.alioth.debian.org>

More information about the impish-changes mailing list