Errata overview
Errata ID 333
Date 2019-11-13
Source package simplesamlphp
Fixed in version 1.16.3-1+deb10u1A~
This update addresses the following issue:
* It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0
  protocol, it was possible to circumvent XML signature verification on SAML
  messages. (CVE-2019-3465)
Additional notes
CVE ID CVE-2019-3465
UCS Bug number #50482