It was discovered that pysaml2, a Python implementation of SAML to be used in a WSGI environment, was susceptible to XML signature wrapping attacks, which could result in a bypass of signature verification.
Ilja Van Sprundel reported a logic flaw in the Extensible Authentication Protocol packet parser in the Point-to-Point Protocol Daemon . An unauthenticated attacker can take advantage of this flaw to trigger a stack-based buffer overflow, leading to denial of service .