Summary: | <dev-python/pysaml2-4.0.2-r1: vulnerable to XXE | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | Flags: | stable-bot:
sanity-check+
|
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/rohe/pysaml2/issues/366 | ||
See Also: | https://bugs.debian.org/850716 | ||
Whiteboard: | B3 [noglsa cve] | ||
Package list: |
=dev-python/pysaml2-4.0.2-r1 amd64 x86
|
Runtime testing required: | --- |
Description
Thomas Deutschmann (RETIRED)
2017-01-11 00:09:52 UTC
no release with it yet, and openstack requires <pysaml2-4.0.3 to avoid the pycryptodome change. so... I backported the patch and released 4.0.2-r1 arches, please stabilize =dev-python/pysaml2-4.0.2-r1 amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. cleaned up, removing from cc GLSA Vote: No Repository is clean. |