an issue was reported regarding the schema checker and a new release -
v6.5.1 - is out to fix this.
On Wed, 20 Jan 2021 at 15:10, Ivan Kanakarakis <ivan.kanak at gmail.com> wrote:
PySAML2 v6.5.0 has been released.
This is a security release with fixes for the two vulnerabilities that
we had mentioned before.
We urge you to update your setup to the latest pySAML2 version.
A new SATOSA release is on its way to accommodate for the security
release of this dependency.
On Thu, 7 Jan 2021 at 14:40, Ivan Kanakarakis <ivan.kanak at gmail.com> wrote:
Dear users of IdentityPython,
this is a heads-up about two vulnerabilities affecting pySAML2.
Software that uses pySAML2 is indirectly affected, too (ie, SATOSA).
The issues were reported to the IdentityPython incident-response
mailing list and we have been working on a mitigation. A new version
of pySAML2 that includes the fixes will be released on Wednesday
20th of January between 13:00 CET and 17:00 CET. We urge
everyone to be prepared to update their setup to the latest version.
Ivan Kanakarakis on behalf of the incident-response team
Ivan c00kiemon5ter Kanakarakis >:3