http://bugzilla.suse.com/show_bug.cgi?id=1015826 Bug ID: 1015826 Summary: VUL-0: CVE-2016-9955: SimpleSAMLphp: SSPSA 201612-02: Incorrect signature verification Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Reference: http://seclists.org/oss-sec/2016/q4/670 ==================================================================== Hi SimpleSAMLphp has released (another) update fixing an incorrect signature verification issue (different from SSPSA 201612-01 / CVE-2016-9814). It affects versions of SimpeSAMLphp before 1.14.11. Upstream advisory: https://simplesamlphp.org/security/201612-02 References: https://github.com/simplesamlphp/simplesamlphp/commit/a2326d75dd14accaac162d... Could you please assign a CVE for this issue? Regards, Salvatore ==================================================================== Don't know if it's acceptable to (open-)SUSE, but, if not, please, close the report. -- You are receiving this mail because: You are on the CC list for the bug.