Source: python-pysaml2 Severity: serious Tags: security patch As per report from user:
-------- Forwarded Message -------- Subject: python-pysaml2 XEE vulnerability Date: Mon, 9 Jan 2017 14:50:41 +0100 From: Florian Best <[email protected]> Organization: Univention GmbH To: [email protected] CC: [email protected] Dear debian python-pysaml2 maintainers, there was a security hole fixed in python-pysaml2, which allowed XML External Entity attacks: https://github.com/rohe/pysaml2/pull/379 https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b Could you please release a security update? Best regards, Florian _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
