USN-3402-1: PySAML2 vulnerability
24 August 2017
The system could be made to expose sensitive information.
- python-pysaml2 - Pure python implementation of SAML2
It was discovered that PySAML2 incorrectly handled certain
SAML XML requests and responses. A remote attacker could use
this issue to read arbitrary files.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.