FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pysaml2 -- multiple vulnerabilities

Affected packages
py36-pysaml2 < 6.5.0
py37-pysaml2 < 6.5.0
py38-pysaml2 < 6.5.0
py39-pysaml2 < 6.5.0

Details

VuXML ID fb67567a-5d95-11eb-a955-08002728f74c
Discovery 2021-01-20
Entry 2021-01-26

pysaml2 Releases:

Fix processing of invalid SAML XML documents - CVE-2021-21238

Fix unspecified xmlsec1 key-type preference - CVE-2021-21239

References

CVE Name CVE-2021-21238
CVE Name CVE-2021-21239
URL https://github.com/IdentityPython/pysaml2/releases
URL https://github.com/IdentityPython/pysaml2/security/advisories/GHSA-5p3x-r448-pc62
URL https://github.com/IdentityPython/pysaml2/security/advisories/GHSA-f4g9-h89h-jgv9