========================================================================== Ubuntu Security Notice USN-3402-1 August 24, 2017
python-pysaml2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.04 LTS Summary: The system could be made to expose sensitive information. Software Description: - python-pysaml2: Pure python implementation of SAML2 Details: It was discovered that PySAML2 incorrectly handled certain SAML XML requests and responses. A remote attacker could use this issue to read arbitrary files. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: python-pysaml2 3.0.0-3ubuntu1.17.04.1 python3-pysaml2 3.0.0-3ubuntu1.17.04.1 Ubuntu 16.04 LTS: python-pysaml2 3.0.0-3ubuntu1.16.04.1 python3-pysaml2 3.0.0-3ubuntu1.16.04.1 In general, a standard system update will make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3402-1 CVE-2016-10149 Package Information: https://launchpad.net/ubuntu/+source/python-pysaml2/3.0.0-3ubuntu1.17.04.1 https://launchpad.net/ubuntu/+source/python-pysaml2/3.0.0-3ubuntu1.16.04.1
signature.asc
Description: This is a digitally signed message part
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
