FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
417de1e6-c31b-11eb-9633-b42e99a1b9c3lasso -- signature checking failure

entrouvert reports:

When AuthnResponse messages are not signed (which is permitted by the specifiation), all assertion's signatures should be checked, but currently after the first signed assertion is checked all following assertions are accepted without checking their signature, and the last one is considered the main assertion.


Discovery 2021-06-01
Entry 2021-06-01
lasso
lt 2.7.0

CVE-2021-28091
https://git.entrouvert.org/lasso.git/tree/NEWS?id=v2.7.0