Release 2.5.0

pitbulk · pitbulk · commit f7d7034b92bb · 2019-01-29T17:37:45.000+01:00
diff --git a/README.md b/README.md
@@ -14,6 +14,8 @@ Python3: [python3-saml](https://github.com/onelogin/python3-saml).
 
 #### Warning ####
 
+Update python-saml to 2.5.0, this version includes security improvements for preventing XEE and Xpath Injections.
+
 Update python-saml to 2.4.0, this version includes a fix for the [CVE-2017-11427](https://www.cvedetails.com/cve/CVE-2017-11427/) vulnerability.
 
 This version also changes how the calculate fingerprint method works, and will expect as input a formatted x509 certificate
@@ -436,6 +438,9 @@ In addition to the required settings data (idp, sp), extra settings can be defin
         // Allows the authn comparison parameter to be set, defaults to 'exact' if the setting is not present.
         "requestedAuthnContextComparison": "exact",
 
+        // Set to true to check that the AuthnContext received matches the one requested.
+        "failOnAuthnContextMismatch": false,
+
         // In some environment you will need to set how long the published metadata of the Service Provider gonna be valid.
         // is possible to not set the 2 following parameters (or set to null) and default values will be set (2 days, 1 week)
         // Provide the desired Timestamp, for example 2015-06-26T20:00:00Z
diff --git a/changelog.md b/changelog.md
@@ -1,4 +1,14 @@
 # python-saml changelog
+### 2.5.0 (Jan 29, 2019)
+* Security improvements. Use of tagid to prevent XPath injection. Disable DTD on fromstring defusedxml method
+* [#239](https://github.com/onelogin/python-saml/issues/239) Check that the response has all of the AuthnContexts that we provided
+* Fixed a ValidationError misspelling
+* Don't require compression on LogoutResponse messages by relaxing the decode_base64_and_inflate method
+* Add expected/received in WRONG_ISSUER error
+* If debug enable, print reason for the SAMLResponse invalidation
+* [#238](https://github.com/onelogin/python-saml/issues/238) Fix DSA constant
+* Start using flake8 for code quality
+
 ### 2.4.2 (Sep 05, 2018)
 * Update dm.xmlsec.binding dependency to 1.3.7
 * Update pylint dependency to 1.9.1
diff --git a/setup.py b/setup.py
@@ -9,7 +9,7 @@
 
 setup(
     name='python-saml',
-    version='2.4.2',
+    version='2.5.0',
     description='Onelogin Python Toolkit. Add SAML support to your Python software using this library',
     classifiers=[
         'Development Status :: 5 - Production/Stable',
