ELSA-2021-2989

ELSA-2021-2989 - lasso security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2021-08-02

Description


[2.5.1-8]
- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses

[2.5.1-7]
- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses

[2.5.1-6]
- Resolves: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses


Related CVEs


CVE-2021-28091

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) lasso-2.5.1-8.el7_9.src.rpmfd52317ffb4abd46bccf1294c4b304a1-
lasso-2.5.1-8.el7_9.aarch64.rpm618cb1bc597886105c3743f497f86339-
lasso-devel-2.5.1-8.el7_9.aarch64.rpm8e0e441db85d5666b0ddd96af27cc1bc-
lasso-python-2.5.1-8.el7_9.aarch64.rpm07d5200f150011b2e020293f82d990e7-
Oracle Linux 7 (x86_64) lasso-2.5.1-8.el7_9.src.rpmfd52317ffb4abd46bccf1294c4b304a1-
lasso-2.5.1-8.el7_9.i686.rpmd14595d0ecad0a3d9f46a703351a0950-
lasso-2.5.1-8.el7_9.x86_64.rpm89611ab8d92a99ee88e570d5e4467635-
lasso-devel-2.5.1-8.el7_9.i686.rpm40c55b60ef662a510deb40f361910dc9-
lasso-devel-2.5.1-8.el7_9.x86_64.rpmf4fce1fea256e27e23b4141d221aaf13-
lasso-python-2.5.1-8.el7_9.x86_64.rpm1bb5ebd437b00ba76f25892bb37be5bf-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete