Errata overview
Errata ID 613
Date 2019-11-13
Source package simplesamlphp
Fixed in version 1.14.11-1+deb9u2A~
This update addresses the following issue:
* It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0
  protocol, it was possible to circumvent XML signature verification on SAML
  messages. (CVE-2019-3465)
Additional notes
CVE ID CVE-2019-3465
UCS Bug number #50465