2.7.0 - June 1st 2021
----------------------
36 commits, 45 files changed, 1945 insertions, 177 deletions
* CVE-2021-28091: Fix signature checking on unsigned response with multiple assertions
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28091
When AuthnResponse messages are not signed (which is
permitted by the specification), all assertions' signatures should be
checked, but currently after the first signed assertion is checked all
following assertions are accepted without checking their signature, and
the last one is considered the main assertion.
This patch:
* checks signatures from all assertions if the message is not signed,
* refuses messages with assertions from different issuers than the one on
the message, to prevent assertion bundling even if they are signed.
TODO:
Add new XSW10 Attack (like XSW3 but evil assertion after the valid one; just switch the assertions).
Create description and image
Mention CVE number in description as an example
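The two rules from the lasso NEWS entry quoted above, as an added defensive example in Python (not lasso's code and not this project's): with an unsigned Response every Assertion is verified, not only the first, and any Assertion whose Issuer differs from the Response Issuer is refused. Real enveloped XMLDSig verification is replaced by a SHA-256 digest over the canonicalized assertion (an assumption made for brevity), and the sample Response, issuer and subject values are constructed.

```python
import copy
import hashlib
from xml.etree import ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
DS = "http://www.w3.org/2000/09/xmldsig#"

def assertion_digest(assertion):
    """SHA-256 over the C14N assertion minus its own ds:Signature. Assumption:
    this stands in for real enveloped XMLDSig verification."""
    clone = copy.deepcopy(assertion)
    clone.tail = None
    for sig in clone.findall(f"{{{DS}}}Signature"):
        clone.remove(sig)
    c14n = ET.canonicalize(ET.tostring(clone, encoding="unicode"))
    return hashlib.sha256(c14n.encode()).hexdigest()

def validate_response(xml_text):
    """Return the IDs of accepted assertions; raise ValueError on any violation."""
    root = ET.fromstring(xml_text)
    message_signed = root.find(f"{{{DS}}}Signature") is not None
    issuer = root.findtext(f"{{{SAML}}}Issuer")
    accepted = []
    for a in root.findall(f"{{{SAML}}}Assertion"):
        # Rule 2: refuse bundling of assertions from another issuer, signed or not.
        if a.findtext(f"{{{SAML}}}Issuer") != issuer:
            raise ValueError(f"assertion {a.get('ID')}: issuer differs from message")
        # Rule 1: unsigned message => every assertion is checked, not only the first.
        if not message_signed:
            sig = a.find(f"{{{DS}}}Signature")
            if sig is None or sig.findtext(f".//{{{DS}}}DigestValue") != assertion_digest(a):
                raise ValueError(f"assertion {a.get('ID')}: unsigned or altered")
        accepted.append(a.get("ID"))
    return accepted

def make_assertion(aid, issuer, subject, signed=True):
    """Constructed sample assertion; signed=False gives an unsigned extra one."""
    xml = (f'<saml:Assertion xmlns:saml="{SAML}" ID="{aid}"><saml:Issuer>{issuer}'
           f'</saml:Issuer><saml:Subject><saml:NameID>{subject}</saml:NameID>'
           f'</saml:Subject></saml:Assertion>')
    if not signed:
        return xml
    digest = assertion_digest(ET.fromstring(xml))
    sig = f'<ds:Signature xmlns:ds="{DS}"><ds:DigestValue>{digest}</ds:DigestValue></ds:Signature>'
    return xml.replace("</saml:Assertion>", sig + "</saml:Assertion>")

def make_response(issuer, *assertions):  # constructed, unsigned samlp:Response
    return (f'<samlp:Response xmlns:samlp="{SAMLP}" xmlns:saml="{SAML}">'
            f'<saml:Issuer>{issuer}</saml:Issuer>{"".join(assertions)}</samlp:Response>')
```

A response whose second assertion lacks a signature, carries a tampered subject, or names another issuer is rejected as a whole, while a response whose assertions all verify and share the message issuer is accepted.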
Add new XSW10 attack.
This can e.g. be used to exploit CVE-2021-28091 (https://git.entrouvert.org/lasso.git/tree/NEWS?id=v2.7.0):
TODO: