diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2021-01-09 00:31:13 +0200 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2021-01-15 16:09:06 +0200 |
commit | 3b707723dcf1bf60677b424aac398c0c3557641d (patch) | |
tree | 32be8bf3732a60e3f0697ba9d024cac6d6929374 /release-howto.rst | |
parent | b76ea403e3107bbae73b653215985b9e1f27c5d4 (diff) | |
download | pysaml2-3b707723dcf1bf60677b424aac398c0c3557641d.tar.gz |
Fix CVE-2021-21238 - SAML XML Signature wrapping
All users of pysaml2 that use the default `CryptoBackendXmlSec1` backend and need to
verify signed SAML documents are impacted. `pysaml2 <= 6.4.1` does not validate the SAML
document against an XML schema. This allows invalid XML documents to trick the
verification process, by presenting elements with a valid signature inside elements
whose content has been malformed. The verification is offloaded to `xmlsec1` and
`xmlsec1` will not validate every signature in the given document, but only the first it
finds in the given scope.
Credits for the report:
- Victor Schönfelder Garcia (isits AG International School of IT Security)
- Juraj Somorovsky (Paderborn University)
- Vladislav Mladenov (Ruhr University Bochum)
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Diffstat (limited to 'release-howto.rst')
0 files changed, 0 insertions, 0 deletions