Comment 1 for bug 1791835

This is regarding CVE-2017-1000433 which has a base score of 6.8 and a very low impact:

https://nvd.nist.gov/vuln/detail/CVE-2017-1000433

Red Hat has decided not to fix this:

https://access.redhat.com/security/cve/cve-2017-1000433

Although the affected code is present in shipped packages, python-pysaml2 is included only as a dependency of other packages. The affected code cannot be reached in any supported configuration of Red Hat OpenStack Platform.