Issued at: 2025-11-18
Updated at: 2025-11-23
Synopsis
Critical: lasso security update
Description
The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages.
Security Fix(es):
* lasso: Type confusion in Entr'ouvert Lasso (CVE-2025-47151)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 8 aarch64
Rocky Linux 8 x86_64
Fixes
2412739
CVEs
CVE-2025-47151
Affected packages
Rocky Linux 8 aarch64 - AppStream
lasso-0:2.6.0-14.el8_10.aarch64.rpm
lasso-0:2.6.0-14.el8_10.src.rpm
lasso-debuginfo-0:2.6.0-14.el8_10.aarch64.rpm
lasso-debugsource-0:2.6.0-14.el8_10.aarch64.rpm
python3-lasso-0:2.6.0-14.el8_10.aarch64.rpm
python3-lasso-debuginfo-0:2.6.0-14.el8_10.aarch64.rpm
Rocky Linux 8 x86_64 - AppStream
lasso-0:2.6.0-14.el8_10.i686.rpm
lasso-0:2.6.0-14.el8_10.src.rpm
lasso-0:2.6.0-14.el8_10.x86_64.rpm
lasso-debuginfo-0:2.6.0-14.el8_10.i686.rpm
lasso-debuginfo-0:2.6.0-14.el8_10.x86_64.rpm
lasso-debugsource-0:2.6.0-14.el8_10.i686.rpm
lasso-debugsource-0:2.6.0-14.el8_10.x86_64.rpm
python3-lasso-0:2.6.0-14.el8_10.x86_64.rpm
python3-lasso-debuginfo-0:2.6.0-14.el8_10.x86_64.rpm
Rocky Linux 8 aarch64 - PowerTools
lasso-devel-0:2.6.0-14.el8_10.aarch64.rpm
Rocky Linux 8 x86_64 - PowerTools
lasso-devel-0:2.6.0-14.el8_10.i686.rpm
lasso-devel-0:2.6.0-14.el8_10.x86_64.rpm