Hi Thomas,
On Fri, Jan 20, 2017 at 11:02:56AM +0100, Thomas Goirand wrote:
> On 01/19/2017 08:02 PM, Salvatore Bonaccorso wrote:
> > Hi,
> >
> > On Mon, Jan 09, 2017 at 04:28:40PM +0100, Thomas Goirand wrote:
> >> there was a security hole fixed in python-pysaml2, which allowed XML
> >> External
On 01/19/2017 08:02 PM, Salvatore Bonaccorso wrote:
> Hi,
>
> On Mon, Jan 09, 2017 at 04:28:40PM +0100, Thomas Goirand wrote:
>> there was a security hole fixed in python-pysaml2, which allowed XML
>> External Entity attacks:
>> https://github.com/rohe/pysaml2/pull/379
>>
Hi,
On Mon, Jan 09, 2017 at 04:28:40PM +0100, Thomas Goirand wrote:
> there was a security hole fixed in python-pysaml2, which allowed XML
> External Entity attacks:
> https://github.com/rohe/pysaml2/pull/379
> https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
Control: retitle -1 python-pysaml2: CVE-2016-10127: XML External Entity attack
Hi
This issue has been assigned CVE-2016-10127, cf.
http://www.openwall.com/lists/oss-security/2017/01/11/5
Regards,
Salvatore
Source: python-pysaml2
Severity: serious
Tags: security patch
As per report from user:
Forwarded Message
Subject: python-pysaml2 XEE vulnerability
Date: Mon, 9 Jan 2017 14:50:41 +0100
From: Florian Best
Organization: Univention GmbH
To: z...@debian.org
CC:
5 matches
Mail list logo