Ubuntu Security Notice 4974-1 - It was discovered that Lasso did not properly verify that all assertions in a SAML response were properly signed. An attacker could possibly use this to impersonate users or otherwise bypass access controls.
5bd381aee01d0b34cf8fd35cd96dbb180bc45c98dd746b222bb1b2c3743a2a77