File not found: 0003-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch

python-pysaml2

Edit Package python-pysaml2
No description set
Refresh
Refresh
Source Files
Filename Size Changed
0001-Always-generate-a-random-IV-for-AES-operations.patch 0000005502 5.37 KB
0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch 0000015899 15.5 KB
0004-Strengthen-XSW-tests.patch 0000027353 26.7 KB
0005-Fix-the-parser-to-not-break-on-ePTID-AttributeValues.patch 0000002145 2.09 KB
0006-Add-xsd-schemas.patch 0000235547 230 KB
0007-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch 0000026223 25.6 KB
0008-Fix-CVE-2021-21239-Restrict-the-key-data-that-xmlsec.patch 0000020689 20.2 KB
0009-Make-previous-commits-python2-compatible.patch 0000005000 4.88 KB
fix-xxe-in-xml-parsing.patch 0000008733 8.53 KB
pysaml2-4.0.2.tar.gz 0013657558 13 MB
python-pysaml2.changes 0000003717 3.63 KB
python-pysaml2.spec 0000004572 4.46 KB
quick-fix-for-the-authentication-bypass-due-to-optimizations.patch 0000000921 921 Bytes
Latest Revision
Gayane Osipyan's avatar Gayane Osipyan (gosipyan) accepted request 900628 from Johannes Grassler's avatar Johannes Grassler (jgrassler) (revision 6)
Note: This commit merges the currently released state in SUSE OpenStack Cloud
      with the partially clashing changes in
      Cloud:OpenStack:Pike.

- Add %dir declaration for %{_licensedir}

- Add 0001-Always-generate-a-random-IV-for-AES-operations.patch
  (CVE-2017-1000246, bsc#1068612)

- Add 0001-Fix-XML-Signature-Wrapping-XSW-vulnerabilities.patch
  (CVE-2020-5390, bsc#1160851)
Comments 0
openSUSE Build Service is sponsored by