Release 2.1.9

SAML-Toolkits · Jun 27, 2016 · 2461c36 · 2461c36
1 parent b65749d
commit 2461c36
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -14,8 +14,14 @@ This version supports Python2, exists an alternative version compatible with Pyt
 
 #### Warning ####
 
-`Please if you are using python-saml < v2.1.6. Update it!
-v2.1.6 includes a security patch that will prevent signature wrapping attacks, older versions are vulnerable.` :exclamation:
+Update python-saml to 2.1.9, this version includes a security patch that contains extra validations that will prevent signature wrapping attacks.
+
+python-saml < v2.1.6 is vulnerable and allows signature wrapping!
+
+
+#### Security Guidelines ####
+
+If you believe you have discovered a security vulnerability in this toolkit, please report it at https://www.onelogin.com/security with a description. We follow responsible disclosure guidelines, and will work with you to quickly find a resolution.
 
 
 Why add SAML support to my software?

diff --git a/changelog.md b/changelog.md
@@ -1,5 +1,9 @@
 # python-saml changelog
 
+### 2.1.9 (Jun 27, 2016)
+* Change the decrypt assertion process.
+* Add 2 extra validations to prevent Signature wrapping attacks.
+
 ### 2.1.8 (Jun 02, 2016)
 * Fix Metadata XML (RequestedAttribute)
 * Fix Windows specific Unix date formatting bug.

diff --git a/setup.py b/setup.py
@@ -9,7 +9,7 @@
 
 setup(
     name='python-saml',
-    version='2.1.8',
+    version='2.1.9',
     description='Onelogin Python Toolkit. Add SAML support to your Python software using this library',
     classifiers=[
         'Development Status :: 4 - Beta',