Package: simplesamlphp / 1.14.11-1+deb9u1

CVE-2017-18122.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
From e2d53086abbb253efb24ddcb49b116246eb0b6ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Wed, 25 Oct 2017 11:54:08 +0200
Subject: [PATCH] Make sure calls to in_array() use strict comparisons.

---
 lib/SimpleSAML/XML/Validator.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/XML/Validator.php b/lib/SimpleSAML/XML/Validator.php
index e4877f05c..69236ef15 100644
--- a/lib/SimpleSAML/XML/Validator.php
+++ b/lib/SimpleSAML/XML/Validator.php
@@ -260,7 +260,7 @@ public function isNodeValidated($node) {
 		assert('$node instanceof DOMNode');
 
 		while($node !== NULL) {
-			if(in_array($node, $this->validNodes)) {
+			if(in_array($node, $this->validNodes, true)) {
 				return TRUE;
 			}