Skip to content

Commit 5508328

Browse files
pitbulkpitbulk
committed
Release 1.2.2
1 parent 91172ab commit 5508328

File tree

3 files changed

+11
-3
lines changed

3 files changed

+11
-3
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ This version supports Python3, There is a separate version that only support Pyt
1414

1515
#### Warning ####
1616

17-
Update python3-saml to 1.2.1 that patch 1.2.0 (that had a bug on signature validation process (when using wantAssertionsSigned and wantMessagesSigned). [CVE-2016-1000251](https://github.com/distributedweaknessfiling/DWF-Database-Artifacts/blob/master/DWF/2016/1000251/CVE-2016-1000251.json)
17+
Update python3-saml to >= 1.2.1, 1.2.0 had a bug on signature validation process (when using wantAssertionsSigned and wantMessagesSigned). [CVE-2016-1000251](https://github.com/distributedweaknessfiling/DWF-Database-Artifacts/blob/master/DWF/2016/1000251/CVE-2016-1000251.json)
1818

1919
1.2.0 version includes a security patch that contains extra validations that will prevent signature wrapping attacks.
2020

changelog.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,13 @@
11
# python3-saml changelog
22

3+
### 1.2.2 (January 11, 2017)
4+
* [#37](https://github.com/onelogin/python3-saml/pull/37) Add option to raise response validation exceptions
5+
* [#42](https://github.com/onelogin/python3-saml/pull/42) Optionally raise detailed exceptions vs. returning False. Implement a more specific exception class for handling some validation errors. Improve/Fix tests. Add support for retrieving the last ID of the generated AuthNRequest / LogoutRequest. Add hooks to retrieve last-sent and last-received requests and responses
6+
* Improved inResponse validation on Responses
7+
* Add the ability to extract the specific certificate from IdP metadata when several defined
8+
* Fix Invalid True attribute value in Metadata XML
9+
* [#35](https://github.com/onelogin/python3-saml/pull/35) Fix typos and json sample code in documentation
10+
311
### 1.2.1 (October 18, 2016)
412
* [#30](https://github.com/onelogin/python3-saml/pull/30) Bug on signature checks
513

setup.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,10 +9,10 @@
99

1010
setup(
1111
name='python3-saml',
12-
version='1.2.1',
12+
version='1.2.2',
1313
description='Onelogin Python Toolkit. Add SAML support to your Python software using this library',
1414
classifiers=[
15-
'Development Status :: 4 - Beta',
15+
'Development Status :: 5 - Production/Stable',
1616
'Intended Audience :: Developers',
1717
'Intended Audience :: System Administrators',
1818
'Operating System :: OS Independent',

0 commit comments

Comments
 (0)