From Salvatore Bonaccorso@21:1/5 to All on Sat Mar 15 21:20:01 2025
Source: simplesamlphp
Version: 1.19.7-1+deb12u1
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Hi,
The following vulnerability was published for simplesamlphp.
CVE-2025-27773[0]:
| The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related
| functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is
| a signature confusion attack in the HTTPRedirect binding. An
| attacker with any signed SAMLResponse via the HTTP-Redirect binding
| can cause the application to accept an unsigned message. Versions
| 4.17.0 and 5.0.0-alpha.20 contain a fix for the issue.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
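An added example, not code from SimpleSAMLphp or from this report, of the kind of check the advisory concerns: a receiver for the SAML 2.0 HTTP-Redirect binding that rebuilds the signed string from the parameter the endpoint actually consumes and refuses any message not covered by a valid signature. It assumes the parameter names and signed-string layout of the SAML 2.0 Bindings specification and uses an HMAC with a constructed key as a stand-in for the RSA/ECDSA signatures a real deployment would verify.

```python
import base64
import hashlib
import hmac
import zlib
from urllib.parse import quote

# Real xmldsig-more identifier; HMAC stands in for RSA/ECDSA in this example.
SIGALG_HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"

class RedirectBindingError(ValueError):
    """Raised when a redirect-binding message must not be accepted."""

def signed_string(params, message_param):
    """Rebuild what the sender signed: message param, RelayState (if present),
    SigAlg, in that order, values URL-encoded, joined with '&'."""
    parts = [f"{message_param}={quote(params[message_param], safe='')}"]
    if "RelayState" in params:
        parts.append(f"RelayState={quote(params['RelayState'], safe='')}")
    parts.append(f"SigAlg={quote(params['SigAlg'], safe='')}")
    return "&".join(parts)

def receive_redirect(params, verify, expected_param):
    """Return the inflated XML only if expected_param itself is signed. The
    endpoint, not the sender, fixes which parameter is consumed, so a valid
    signature over some other parameter proves nothing about this one."""
    if expected_param not in params:
        raise RedirectBindingError("missing " + expected_param)
    if "Signature" not in params or "SigAlg" not in params:
        raise RedirectBindingError("unsigned message rejected; signature required")
    if params["SigAlg"] != SIGALG_HMAC_SHA256:  # explicit algorithm allowlist
        raise RedirectBindingError("unsupported SigAlg")
    sig = base64.b64decode(params["Signature"], validate=True)
    if not verify(signed_string(params, expected_param).encode(), sig):
        raise RedirectBindingError("signature does not cover " + expected_param)
    raw = base64.b64decode(params[expected_param], validate=True)
    return zlib.decompress(raw, -15)  # raw DEFLATE, as the binding prescribes

def hmac_verifier(key):
    return lambda d, s: hmac.compare_digest(hmac.new(key, d, hashlib.sha256).digest(), s)

def encode_message(xml):
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(c.compress(xml) + c.flush()).decode()

def sign_params(params, message_param, key):
    """Constructed sender side: sign exactly the string the receiver rebuilds."""
    p = dict(params, SigAlg=SIGALG_HMAC_SHA256)
    mac = hmac.new(key, signed_string(p, message_param).encode(), hashlib.sha256)
    p["Signature"] = base64.b64encode(mac.digest()).decode()
    return p
```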