lasso-2.7.0-11.el9.3

エラータID: AXSA:2025-11104:02

Release date: 
Thursday, November 20, 2025 - 14:32
Subject: 
lasso-2.7.0-11.el9.3
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The lasso packages provide the Lasso library that implements the Liberty
Alliance Single Sign-On standards, including the SAML and SAML2 specifications.
It allows handling of the whole life-cycle of SAML-based federations and
provides bindings for multiple languages.

Security Fix(es):

* lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2025-47151
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml
functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML
response can lead to an arbitrary code execution. An attacker can send a
malformed SAML response to trigger this vulnerability.

Solution: 

Update packages.

CVEs: 
CVE-2025-47151
A type confusion vulnerability exists in the lasso_node_impl_init_from_xml functionality of Entr'ouvert Lasso 2.5.1 and 2.8.2. A specially crafted SAML response can lead to an arbitrary code execution. An attacker can send a malformed SAML response to trigger this vulnerability.
Additional Info: 

N/A

Download: 

SRPMS
  1. lasso-2.7.0-11.el9.3.src.rpm
    MD5: c34db5f524cf37a47139840811d372b6
    SHA-256: 917a912f34f405f56806683b100b59fa190bfc6240e6d7aa230938489293a54c
    Size: 6.02 MB

Asianux Server 9 for x86_64
  1. lasso-2.7.0-11.el9.3.i686.rpm
    MD5: 8a424c4916099287e1683d4c23b49833
    SHA-256: cfbe2fcfc880b707a710ad63aac900c5eb5d17f22f8bca7c4e0e02eaafc41fad
    Size: 212.14 kB
  2. lasso-2.7.0-11.el9.3.x86_64.rpm
    MD5: d1fdc550c0e4c31a7ebab8f8583641e0
    SHA-256: 7d04f23e1977f22ffd7c2232b2a782dd8a5491d9cd72ac4bf3f28fdcb1effb38
    Size: 199.71 kB
  3. lasso-devel-2.7.0-11.el9.3.i686.rpm
    MD5: 9820bdf84d239258a31c73c47d52e671
    SHA-256: 12c98a576947a81a33efcebcd2e8edc8234170a4a2fa51a0dbc0eb7ed1a6bc05
    Size: 115.03 kB
  4. lasso-devel-2.7.0-11.el9.3.x86_64.rpm
    MD5: ff1e790db925f58977b5c346f9d68bd4
    SHA-256: 7396b17916be04e19d16c647070631c28bece980fde5463d78f8c3c7b3dc7f73
    Size: 114.98 kB
  5. python3-lasso-2.7.0-11.el9.3.x86_64.rpm
    MD5: 045c0a134d3fd8b7b892beb444b339c6
    SHA-256: 0ffeca7542c510a86b786e35dbb005b0e0aa6025e9a40fcef74aa9b848a486f1
    Size: 181.85 kB