Workflow

Pysaml2

Latest version: v7.5.2

Safety actively analyzes 724536 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 5 of 7

5.4.0

Not secure
- Fix generation of signed metadata
- Add attribute mappings used by SwedenConnect (DIGG, INERA and PKIX specifications)
- Update SWAMID entity category
- Document the `additional_cert_files` configuration option

5.3.0

Not secure
- Fix check for nameid_format set to the string "None" in the configuration

5.2.0

Not secure
- Fix presence of empty eIDAS RequestedAttributes element on AuthnRequest
- Refactor create_authn_request method to be easier to reason about
- Fix NameIDPolicy checks for allowed Format and allowCreate values

5.1.0

Not secure
- support eIDAS RequestedAttributes per AuthnRequest
- fix xmlsec1 --id-attr configuration option value
- do not remove existing disco URL query params
- load attribute maps in predictable order
- better error message when AudienceRestriction does not validate
- always use base64.encodebytes instead of base64.encodestring
- update the eIDAS attribute mapping for legal person
- fix py_compile warnings
- fix pylint errors and warnings
- various small fixes
- add Python3.8 as supported
- tests: fix validity dates
- docs: document default value for 'want_response_signed'

5.0.0

Not secure
- Fix XML Signature Wrapping (XSW) vulnerabilities - [CVE-2020-5390]
- Add freshness period feature for MetaDataMDX
- Fix bug in duration calculation in time_util library
- Fix ipv6 validation to accommodate for addresses with brackets
- Fix xmlsec temporary files deletions
- Add method to get supported algorithms from metadata
- Add mdstore method to extract assurance certifications
- Add mdstore method to extract contact_person data
- Add attribute mappings from the Swiss eduPerson Schema
- Make AESCipher and Fernet interfaces compatible
- Remove deprecated saml2.aes module
- Remove deprecated saml2.extensions.ui module
- Replace deprecated mongodb operations
- Rename ToOld error to TooOld
- Fix pytest warnings
- Mock tests that need a network connection
- Start dropping python2 support

4.9.0

Not secure
- Add mdstore methods to extract mdui uiinfo elements
- Add attribute mapping for umbrellaID attributes
- Fix logic error in pick_binding method for Entity class
- Validate the audience of assertions regardless of a response being unsolicited
- Fix PKCS_9 saml_url prefix
- docs: Fix warnings from docs generation
- docs: Update release instructions regarding branch releases
- docs: Fix list formatting on IdP example page
- docs: Update pysaml2 options doc with `name_id_format_allow_create`
- misc: fix various typos

Page 5 of 7

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.