-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 07 Nov 2025 21:51:12 +0100 Source: lasso Binary: liblasso-perl liblasso-perl-dbgsym liblasso3 liblasso3-dbgsym liblasso3-dev python3-lasso python3-lasso-dbgsym Architecture: amd64 Version: 2.8.1-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) Changed-By: Salvatore Bonaccorso Description: liblasso-perl - Library for Liberty Alliance and SAML protocols - Perl bindings liblasso3 - Library for Liberty Alliance and SAML protocols - runtime library liblasso3-dev - Library for Liberty Alliance and SAML protocols - development kit python3-lasso - Library for Liberty Alliance and SAML protocols - Python bindings Changes: lasso (2.8.1-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * tests: test that inserted comment do not change node value and still validate signature * xml: prevent assignment of attribute value inside any attribute (CVE-2025-47151) * misc: check xmlSecGetNodeNsHref for possible NULL result (CVE-2025-46404) * xml: do not terminate on an unknown XML node type (CVE-2025-46705) Checksums-Sha1: 654616586bab664cba786b27f6b748a0716eab82 11092 lasso_2.8.1-1+deb12u1_amd64-buildd.buildinfo 3ddadb43911a2ff96fd55a419a978b521e2706b9 169268 liblasso-perl-dbgsym_2.8.1-1+deb12u1_amd64.deb 38d0b1bb4f57dbffbcf8fa31905e8c82328689e7 780088 liblasso-perl_2.8.1-1+deb12u1_amd64.deb c681b130f2d231d8f307e272458f151b2ca281a0 792928 liblasso3-dbgsym_2.8.1-1+deb12u1_amd64.deb f5e46de6c1c876ee6d052e31adf18eb658bf98d4 868300 liblasso3-dev_2.8.1-1+deb12u1_amd64.deb 78e7d018c194bef2f53cf5c284328ee70be7566d 797124 liblasso3_2.8.1-1+deb12u1_amd64.deb 198b9e78ee97390c5d466f80f5da6795b7c6dbd2 319960 python3-lasso-dbgsym_2.8.1-1+deb12u1_amd64.deb b687f3310b2980cd8172eb6fc3876f7646b94ab8 738432 python3-lasso_2.8.1-1+deb12u1_amd64.deb Checksums-Sha256: bbc371643d453295bf6ebb43abbe3a739e58ba5aaf64753357406674a101f784 11092 lasso_2.8.1-1+deb12u1_amd64-buildd.buildinfo 0cdaef762c89d2ef98fab8a889cebfd3e00fe82fdc516f457495abdf6e803435 169268 liblasso-perl-dbgsym_2.8.1-1+deb12u1_amd64.deb 62b64600ea0975e9bf68a9e4fdbc06542f8d81ae467a4d45680b445295dcb996 780088 liblasso-perl_2.8.1-1+deb12u1_amd64.deb 31ce28fcd66b4394beaa2193dc542b1e9ac67fc19235b8ba6deab105963ff70c 792928 liblasso3-dbgsym_2.8.1-1+deb12u1_amd64.deb ef5ef88d15ba2b7c97f5ebfdb88c0fa577f5f3636170aa7a085a64dd1af3266a 868300 liblasso3-dev_2.8.1-1+deb12u1_amd64.deb 3ca91402f514482794ce0ba0725910e58e660b1b84735bf69150e4e53d617735 797124 liblasso3_2.8.1-1+deb12u1_amd64.deb 69a2a882621cdcac15b44b6a256e1214cca9730bf08d8362afedaccc5a16de30 319960 python3-lasso-dbgsym_2.8.1-1+deb12u1_amd64.deb 1b5d20e769bb2de59a168b56f515b87475bd2740e1876c6739a5f5a1895deead 738432 python3-lasso_2.8.1-1+deb12u1_amd64.deb Files: 78c12c76477e537e04855ee48643f7dd 11092 libs optional lasso_2.8.1-1+deb12u1_amd64-buildd.buildinfo d95a5f8488a4dcd0443de64ef3276a23 169268 debug optional liblasso-perl-dbgsym_2.8.1-1+deb12u1_amd64.deb c1b83099b607268938413885d12a8487 780088 perl optional liblasso-perl_2.8.1-1+deb12u1_amd64.deb c29ae7fda3f1258e720c0538ccde784c 792928 debug optional liblasso3-dbgsym_2.8.1-1+deb12u1_amd64.deb b630a5f78f27ccd8914587fc825716b7 868300 libdevel optional liblasso3-dev_2.8.1-1+deb12u1_amd64.deb 03e8fa4453f820ea927271212ee79a6e 797124 libs optional liblasso3_2.8.1-1+deb12u1_amd64.deb 91b5d14b763e47e26562d2a714717011 319960 debug optional python3-lasso-dbgsym_2.8.1-1+deb12u1_amd64.deb 11f5ba3665c8a299177dc4d3f9fe69c0 738432 python optional python3-lasso_2.8.1-1+deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErwLLVsiCiGZggzpHJuP6X4A0XeIFAmkSTxQACgkQJuP6X4A0 XeKMFQ/+P1ssyPyyPAs6wn2Wzg5t375dZ02X/ydksAVstcn0HrtXrwJVnydHo5sJ L0odeZI66U39xrcYQ33zXe+npqxt9wKOJ9za4hETDnsPpWl4MqFxfm0pIjakYVgi zhTxmNYv6ZBUNBJn9G0601m/JQ98V4fEJISx3LHTn5R1EmyCipbiKdo5LpPwDhPg X8SqvaT31JP0vZfmWiqmiCQ0PgejkGOy8XF66BeDU45CkvH0yZeFDjVRNQa7Xvu6 vYE2iQTm9GPeD+POFHTc1w52u7VVt/MwuCqhh+QbaCrSV8m2xeu7BpSJJe1I5/3+ Yncmx7zXsCjkHSFwvksClUJpc0u3kiTsBe3iGVijTcbeT22nR13Q6jje0Hxjpyuf UHGJ8mX0rp4zxJQlesgw3QR3PAMmY60WZ/VxxCHN056i2m3SwGSjbCjTcAoympS/ E5A+cJqcUG4BX21nMB13xdrOM2PxS7szs74s915dbIhSIclXWW9xiUeTco9SrZyS 2Rev++6TgSyliemM0ReH5kpw2X3TXxLFk1NXPa9M4tpNhWb5dfo3XyPngoacK6kC UK+goVzexWj/jU4i8FfzvF3fErhqMzwRfDZYqYpp6B6JItqgaMwGmTegSOLYPM5k 4WSg0EfKHRZzMRzsUhn00jCnXM++728CQ9S3e25VFf2oZ0uSnHc= =JiD+ -----END PGP SIGNATURE-----