| Release | Version |
|---|---|
| jessie | 2.0.0-1+deb8u4 |
| stretch | 3.0.0-5+deb9u2 |
| buster | 4.5.0-4+deb10u1 |
| bullseye | 6.5.1-1 |
| bookworm | 7.0.1-2 |
| trixie | 7.4.2-4 |
| sid | 7.4.2-4 |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21239 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | fixed | PySAML2 is a pure python implementation of SAML Version 2 Standard. Py ... |
| CVE-2021-21238 | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | PySAML2 is a pure python implementation of SAML Version 2 Standard. Py ... |
| CVE-2017-1000246 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Python package pysaml2 version 4.4.0 and earlier reuses the initializa ... |
| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-10127 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | PySAML2 allows remote attackers to conduct XML external entity (XXE) a ... |
| Bug | Description |
|---|---|
| CVE-2020-5390 | PySAML2 before 5.0.0 does not check that the signature in a SAML docum ... |
| CVE-2017-1000433 | pysaml2 version 4.4.0 and older accept any password when run with pyth ... |
| CVE-2016-10149 | XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier a ... |
| DSA / DLA | Description |
|---|---|
| ELA-644-1 | python-pysaml2 - security update |
| DLA-2577-1 | python-pysaml2 - security update |
| DLA-2119-1 | python-pysaml2 - security update |
| DSA-4630-1 | python-pysaml2 - security update |
| DLA-1410-1 | python-pysaml2 - security update |
| DSA-3759-1 | python-pysaml2 - security update |