Affected versions of this package are vulnerable to Authentication Bypass. An incorrect check of return values in the signature validation utilities allows an attacker to get invalid signatures accepted as valid by forcing an error during validation.
Created php-simplesamlphp-saml2 tracking bugs for this issue:
Affects: fedora-all [bug 1553358]
Affects: epel-all [bug 1553359]
All dependent bugs are closed. Please close.