It was discovered that PySAML2 incorrectly accepted any password when run with python optimizations enabled. An attacker could use this issue to authenticate as any user without a valid password.
{ "availability": "No subscription required", "binaries": [ { "python-pysaml2-doc": "3.0.0-3ubuntu1.16.04.3", "python3-pysaml2": "3.0.0-3ubuntu1.16.04.3", "python-pysaml2": "3.0.0-3ubuntu1.16.04.3" } ] }