Skip to content

Commit 91172ab

Browse files
pitbulkpitbulk
committed
Add CVE reference to the README
1 parent ce0d716 commit 91172ab

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ This version supports Python3, There is a separate version that only support Pyt
1414

1515
#### Warning ####
1616

17-
Update python3-saml to 1.2.1 that patch 1.2.0 (that had a bug on signature validation process (when using wantAssertionsSigned and wantMessagesSigned).
17+
Update python3-saml to 1.2.1 that patch 1.2.0 (that had a bug on signature validation process (when using wantAssertionsSigned and wantMessagesSigned). [CVE-2016-1000251](https://github.com/distributedweaknessfiling/DWF-Database-Artifacts/blob/master/DWF/2016/1000251/CVE-2016-1000251.json)
1818

1919
1.2.0 version includes a security patch that contains extra validations that will prevent signature wrapping attacks.
2020

0 commit comments

Comments
 (0)