SUSE-SU-2017:0569-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2016-10127 CVE-2016-10149

Published: 27 Feb 2017, 12:58

Last modified:04 Feb 2026, 02:23

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

27 Feb 2017, 12:58

Published

Vulnerability first disclosed

04 Feb 2026, 02:23

Last Modified

Vulnerability information updated

Description

Security update for python-pysaml2 This update for python-pysaml2 fixes the following issues: - CVE-2016-10127 and CVE-2016-10149: XXE (XML external entity) issues were fixed in python-pysaml2, where external requests to other XML content could be made by parsing XML files using this SAML2 library. (bsc#1019074) To fix this bug, the new dependency python-defusedxml was added and is used for sanitizing XML content.

Affected Systems

suse•python-defusedxml&distro=SUSE OpenStack Cloud 6
< 0.4.1-2.1
suse•python-pysaml2&distro=SUSE OpenStack Cloud 6
< 2.4.0-3.1

SUSE-SU-2017:0569-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)