Source: python-pysaml2 Severity: serious Tags: security patch As per report from user:
-------- Forwarded Message -------- Subject: python-pysaml2 XEE vulnerability Date: Mon, 9 Jan 2017 14:50:41 +0100 From: Florian Best <b...@univention.de> Organization: Univention GmbH To: z...@debian.org CC: openstack-de...@lists.alioth.debian.org Dear debian python-pysaml2 maintainers, there was a security hole fixed in python-pysaml2, which allowed XML External Entity attacks: https://github.com/rohe/pysaml2/pull/379 https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b Could you please release a security update? Best regards, Florian
