Workflow

Python-saml

Latest version: v2.13.0

Safety actively analyzes 681866 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 2 of 6

2.8.0

Not secure
* [258](https://github.com/onelogin/python-saml/issues/258) Fix failOnAuthnContextMismatch feature
* [250](https://github.com/onelogin/python-saml/issues/250) Allow any number of decimal places for seconds on SAML datetimes
* Update demo versions. Improve them and add Tornado demo.

2.7.0

Not secure
* Set true as the default value for strict setting

2.6.0

Not secure
* Adjusted acs endpoint to extract NameQualifier and SPNameQualifier from SAMLResponse. Adjusted single logout service to provide NameQualifier and SPNameQualifier to logout method. Add getNameIdNameQualifier to Auth and SamlResponse. Extend logout method from Auth and LogoutRequest constructor to support SPNameQualifier parameter. Align LogoutRequest constructor with SAML specs
* Added get_in_response_to method to Response and LogoutResponse classes
* Add get_last_authn_contexts method
* Fix bug on friendlyName/nameFormat parameters on RequestedAttribute elements. Wrong variable name caused FriendlyName to overwrite NameFormat
* Add support for Subjects on AuthNRequests by the new name_id_value_req parameeter.Fix testshib test. Improve README: Added inline markup to important references
* Update defusedxml
* Fix path in flask demo

2.5.0

Not secure
* Security improvements. Use of tagid to prevent XPath injection. Disable DTD on fromstring defusedxml method
* [239](https://github.com/onelogin/python-saml/issues/239) Check that the response has all of the AuthnContexts that we provided
* Fixed a ValidationError misspelling
* Don't require compression on LogoutResponse messages by relaxing the decode_base64_and_inflate method
* Add expected/received in WRONG_ISSUER error
* If debug enable, print reason for the SAMLResponse invalidation
* [238](https://github.com/onelogin/python-saml/issues/238) Fix DSA constant
* Start using flake8 for code quality

2.4.2

Not secure
* Update dm.xmlsec.binding dependency to 1.3.7
* Update pylint dependency to 1.9.1
* Update Django demo to use LTS version of Django

2.4.1

Not secure
* Add ID to EntityDescriptor before sign it on add_sign method. Improve the way ds namespace is handled in add_sign method
* Update defusedxml, coveralls and coverage dependencies
* Update copyright and license reference

Page 2 of 6

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.