6.5.0 (2021-01-20) - Security release
- Fix processing of invalid SAML XML documents - CVE-2021-21238
- Fix unspecified xmlsec1 key-type preference - CVE-2021-21239
- Add more tests regarding XSW attacks
- Add XML Schemas for SAML2 and common extensions
- Fix the XML parser to not break on ePTID AttributeValues
- Fix the initialization value of the return_addrs property of the StatusResponse object
- Fix SWAMID entity-category policy regarding eduPersonTargetedID
- data: use importlib to load package data (backwards compatibility through the importlib_resources package)
- docs: improve the documentation for the signing_algorithm and digest_algorithm options
- examples: fix the logging configuration of the example-IdP
- tests: allow tests to pass on 32bit systems by properly choosing dates in test XML documents
- tests: improvements on the generation of response and assertion objects
- tests: expand tests on python-3.9 and python-3.10-dev
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.