Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

mod_auth_mellon-diagnostics-0.14.0-12.el8 RPM for ppc64le

From CentOS 8-stream AppStream for ppc64le / Packages

Name: mod_auth_mellon-diagnostics Distribution: CentOS
Version: 0.14.0 Vendor: CentOS
Release: 12.el8 Build date: Tue Feb 2 08:04:16 2021
Group: System Environment/Daemons Build host: ppc64le-01.mbox.centos.org
Size: 267192 Source RPM: mod_auth_mellon-0.14.0-12.el8.src.rpm
Packager: CentOS Buildsys <bugs@centos.org>
Url: https://github.com/UNINETT/mod_auth_mellon
Summary: Build of mod_auth_mellon with diagnostic logging
Build of mod_auth_mellon with diagnostic logging. See README.redhat.rst
in the doc directory for instructions on using the diagnostics build.

Provides

Requires

License

GPLv2+

Changelog

* Mon Jan 25 2021 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-12
  - Resolves: rhbz#1791262 - Backport SameSite=None cookie from upstream to
                             support latest browsers
* Fri Oct 18 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-11
  - Resolves: rhbz#1731053 - CVE-2019-13038 mod_auth_mellon: an Open Redirect
                             via the login?ReturnTo= substring which could
                             facilitate information theft [rhel-8]
* Fri Oct 18 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-10
  - Resolves: rhbz#1761774 - mod_auth_mellon fix for AJAX header name
                             X-Requested-With
* Thu Jun 13 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-9
  - Just bump the release number
  - Related: rhbz#1718238 - mod_auth_mellon-diagnostics RPM not in product
                            listings
* Fri Jun 07 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-8
  - Resolves: rhbz#1691894 - [RFE] Config option to change mod_auth_mellon prefix
* Fri Jun 07 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-7
  - Apply the patch from the previous commit
  - Resolves: rhbz#1692471 - CVE-2019-3877 appstream/mod_auth_mellon: open
                             redirect in logout url when using URLs with
                             backslashes [rhel-8]
* Fri Jun 07 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-6
  - Resolves: rhbz#1692471 - CVE-2019-3877 appstream/mod_auth_mellon: open
                             redirect in logout url when using URLs with
                             backslashes [rhel-8]
* Fri Jun 07 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-5
  - Resolves: rhbz#1692457 - CVE-2019-3878 mod_auth_mellon: authentication
                             bypass in ECP flow [rhel-8.1.0]
* Wed Apr 24 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-4
  - Resolves: rhbz#1702695 - fresh install of mod_auth_mellon shows rpm
                             verification warnings
* Mon Jul 30 2018 Florian Weimer <fweimer@redhat.com> - 0.14.0-3
  - Rebuild with fixed binutils
* Fri Jun 01 2018 <jdennis@redhat.com> - 0.14.0-2
  - Resolves: rhbz#1553885
  - fix file permissions on doc files
* Fri Jun 01 2018 <jdennis@redhat.com> - 0.14.0-1
  - Resolves: rhbz#1553885
  - Rebase to current upstream release
* Thu Mar 29 2018 John Dennis <jdennis@redhat.com> - 0.13.1-2
  - Resolves: rhbz#1481330 Add diagnostic logging
  - Resolves: rhbz#1295472 Add MellonSignatureMethod config option to set
    signature method used to sign SAML messages sent by Mellon.
    Defaults to original sha1.
* Sun Oct 01 2017 John Dennis <jdennis@redhat.com> - 0.13.1-1
  - upgrade to new upstream release
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.0-7
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.0-6
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.12.0-5
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Jan 17 2017 John Dennis <jdennis@redhat.com> - 0.12.0-4
  - Resolves: bug #1414019 Incorrect PAOS Content-Type header
* Mon Jan 09 2017 John Dennis <jdennis@redhat.com> - 0.12.0-3
  - bump release for rebuild
* Tue May 03 2016 John Dennis <jdennis@redhat.com> - 0.12.0-2
  - Resolves: bug #1332729, mellon conflicts with mod_auth_openidc
  - am_check_uid() should be no-op if mellon not enabled
* Wed Mar 09 2016 John Dennis <jdennis@redhat.com> - 0.12.0-1
  - Update to new upstream 0.12.0
  - [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to
    incorrect error handling when reading POST data from client.
  
  - [CVE-2016-2146] Fix DOS attack (Apache worker process crash /
    resource exhaustion) due to missing size checks when reading
    POST data.
  
  In addition this release contains the following new features and fixes:
  
  - Add MellonRedirectDomains option to limit the sites that
    mod_auth_mellon can redirect to. This option is enabled by default.
  
  - Add support for ECP service options in PAOS requests.
  
  - Fix AssertionConsumerService lookup for PAOS requests.
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.0-4
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Wed Dec 23 2015 John Dennis <jdennis@redhat.com> - 0.11.0-3
  - Fix the following warning that appears in the Apache log
    lasso-CRITICAL **: lasso_provider_get_metadata_list_for_role: assertion '_lasso_provider_get_role_index(role)' failed
* Fri Sep 18 2015 John Dennis <jdennis@redhat.com> - 0.11.0-2
  - Add lasso 2.5.0 version dependency
* Fri Sep 18 2015 John Dennis <jdennis@redhat.com> - 0.11.0-1
  - Upgrade to upstream 0.11.0 release.
  - Includes ECP support, see NEWS for all changes.
  - Update mellon_create_metadata.sh to match internally generated metadata,
    includes AssertionConsumerService for postResponse, artifactResponse &
    paosResponse.
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.10.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Wed Jan 07 2015 Simo Sorce <simo@redhat.com> 0.10.0-1
  - New upstream release
* Tue Sep 02 2014 Simo Sorce <simo@redhat.com> 0.9.1-1
  - New upstream release
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Tue Jun 24 2014 Simo Sorce <simo@redhat.com> 0.8.0-1
  - New upstream realease version 0.8.0
  - Upstream moved to github
  - Drops patches as they have been all included upstream
* Fri Jun 20 2014 Simo Sorce <simo@redhat.com> 0.7.0-3
  - Backport of useful patches from upstream
    - Better handling of IDP reported errors
    - Better handling of session data storage size
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Dec 10 2013 Simo Sorce <simo@redhat.com> 0.7.0-1
  - Fix ownership of /run files
* Wed Nov 27 2013 Simo Sorce <simo@redhat.com> 0.7.0-0
  - Initial Fedora release based on version 0.7.0
  - Based on an old spec file by Jean-Marc Liger <jmliger@siris.sorbonne.fr>

Files

/usr/lib/.build-id
/usr/lib/.build-id/a3
/usr/lib/.build-id/a3/013f912ef161acaadf66ed24e4edb62916ac3c
/usr/lib64/httpd/modules/mod_auth_mellon-diagnostics.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Mar 26 04:19:49 2024