Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption of data.
{ "ubuntu_priority": "negligible" }
{ "availability": "No subscription required", "ubuntu_priority": "negligible", "binaries": [ { "python-pysaml2-doc": "4.5.0+dfsg1-0ubuntu2", "python3-pysaml2": "4.5.0+dfsg1-0ubuntu2", "python-pysaml2": "4.5.0+dfsg1-0ubuntu2" } ] }