10 matches found
SUSE: Security Advisory (SUSE-SU-2017:3234-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : opensaml (openSUSE-2017-1350)
This update for opensaml fixes the following issues : Security issue fixed : - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks bsc1068685. This update was imported from the SUSE:SLE-12-SP1:Update...
openSUSE: Security Advisory for opensaml (openSUSE-SU-2017:3241-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for opensaml (important)
This update for opensaml fixes the following issues: Security issue fixed: - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks bsc1068685. This update was imported from the SUSE:SLE-12-SP1:Update upda...
SUSE SLES12 Security Update : opensaml (SUSE-SU-2017:3234-1)
This update for opensaml fixes the following issues: Security issue fixed : - CVE-2017-16853: Fix the DynamicMetadataProvider class to properly configure itself with the MetadataFilter plugins, to avoid possible MITM attacks bsc1068685. Note that Tenable Network Security has extracted the precedi...
[SECURITY] [DLA 1178-1] opensaml2 security update
Package : opensaml2 Version : 2.4.3-4+deb7u2 CVE ID : CVE-2017-16853 Debian Bug : 881856 Rod Widdowson of Steading System Software LLP discovered a coding error in the OpenSAML library, causing the DynamicMetadataProvider class to fail configuring itself with the filters provided and omitting...
[SECURITY] [DSA 4039-1] opensaml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4039-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4039-1] opensaml2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4039-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 16, 2017 https://www.debian.org/security/faq -...
CVE-2017-16853
The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly configure itself with the MetadataFilter plugins and does not perform critical security checks such as signature verification, enforcement of validity...
CVE-2017-16853
CVE-2017-16853 affects OpenSAML’s DynamicMetadataProvider (OpenSAML-C) prior to 2.6.1. The DynamicMetadataProvider.cpp implementation does not properly configure MetadataFilter plugins and omits key security checks (e.g., signature verification, validity periods, and other deployment-specific che...