ELSA-2021-4325
- ULN >
- Oracle Linux Errata repository >
- ELSA-2021-4325
ELSA-2021-4325 - lasso security and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2021-11-16 |
Description
[2.6.0-12]
- Fix a dead code issue in the signature wrapping patch
- Resolves: rhbz#1951653 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses [rhel-8]
[2.6.0-11]
- Bump release to force the package through OSCI as the previous
build reached CI just in time for an outage
- Related: rhbz#1888195 - [RFE] release (built) python3-lasso pkg (comingfrom lasso)
[2.6.0-10]
- Resolves: rhbz#1951653 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses [rhel-8]
[2.6.0-9]
- Resolves: rhbz#1888195 - [RFE] release (built) python3-lasso pkg (coming
from lasso)
Related CVEs
| CVE-2021-28091 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 8 (aarch64) | lasso-2.6.0-12.el8.src.rpm | 845de17a3fa069182ecf4ddeedb0af7d | - |
| lasso-2.6.0-12.el8.aarch64.rpm | 8d80dd2c1ef3c6f080aed6ecb36021b5 | - | |
| lasso-devel-2.6.0-12.el8.aarch64.rpm | 380b57479da1de5fb9c63761fb1276b3 | - | |
| Oracle Linux 8 (x86_64) | lasso-2.6.0-12.el8.src.rpm | 845de17a3fa069182ecf4ddeedb0af7d | - |
| lasso-2.6.0-12.el8.i686.rpm | dd9839be4ae3094fac737fceb0862580 | - | |
| lasso-2.6.0-12.el8.x86_64.rpm | 63956f1fd2193a286673847733b69949 | - | |
| lasso-devel-2.6.0-12.el8.i686.rpm | f68ada89d205fb8fb09fbd30e00a49a9 | - | |
| lasso-devel-2.6.0-12.el8.x86_64.rpm | 1cfbe2c10aef9794a63594596eb5ecc8 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
