Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

mod_auth_mellon-0.14.0-9.el7_9 RPM for x86_64

From Updates for CentOS 7.9.2009 for x86_64 / Packages

Name: mod_auth_mellon Distribution: Unknown
Version: 0.14.0 Vendor: CentOS
Release: 9.el7_9 Build date: Mon Nov 16 17:28:59 2020
Group: System Environment/Daemons Build host: x86-01.bsys.centos.org
Size: 2505283 Source RPM: mod_auth_mellon-0.14.0-9.el7_9.src.rpm
Packager: CentOS BuildSystem <http://bugs.centos.org>
Url: https://github.com/UNINETT/mod_auth_mellon
Summary: A SAML 2.0 authentication module for the Apache Httpd Server
The mod_auth_mellon module is an authentication service that implements the
SAML 2.0 federation protocol. It grants access based on the attributes
received in assertions generated by a IdP server.

Provides

Requires

License

GPLv2+

Changelog

* Sun Feb 09 2020 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-9
  - Resolves: rhbz#1791264 - Backport SameSite=None cookie from upstream to
                             support latest browsers
* Wed Oct 09 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-8
  - Resolves: rhbz#1731052 - CVE-2019-13038 mod_auth_mellon: an Open Redirect via
                             the login?ReturnTo= substring which could facilitate
                             information theft [rhel-7]
* Tue Aug 06 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-7
  - Resolves: rhbz#1727789 - mod_auth_mellon fix for AJAX header name
                             X-Requested-With
* Tue Apr 02 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-6
  - Apply the patch from the previous commit
  - Resolves: rhbz#1692470 - CVE-2019-3877 mod_auth_mellon: open redirect
                             in logout url when using URLs with backslashes
                             [rhel-7]
* Tue Apr 02 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-5
  - Resolves: rhbz#1692470 - CVE-2019-3877 mod_auth_mellon: open redirect
                             in logout url when using URLs with backslashes
                             [rhel-7]
* Fri Mar 22 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-4
  - Resolves: rhbz#1576719 - ECP flow not triggering, instead client access
                             secured resources without ECP authentication
* Tue Mar 05 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-3
  - Resolves: rhbz#1652980 - mod_auth_mellon Cert files name wrong when
                             hostname contains a number
* Fri Jun 01 2018 <jdennis@redhat.com> - 0.14.0-2
  - Resolves: rhbz#1553885
  - fix file permissions on doc files
* Fri Jun 01 2018 <jdennis@redhat.com> - 0.14.0-1
  - Resolves: rhbz#1553885
  - Rebase to current upstream release
* Thu Mar 29 2018 John Dennis <jdennis@redhat.com> - 0.13.1-2
  - Resolves: rhbz#1481330 Add diagnostic logging
  - Resolves: rhbz#1295472 Add MellonSignatureMethod config option to set
    signature method used to sign SAML messages sent by Mellon.
    Defaults to original sha1.
* Fri Oct 20 2017 John Dennis <jdennis@redhat.com> - 0.13.1-1
  - Resolves: rhbz#1481332 Upgrade to current upstream 0.13.1
  - Adds the following upstream bug fixes on top of 0.13.1:
    * ee97812 Add Mellon User Guide
    * daa5d1e If no IdP's are defined explicitly log that fact
    * c291232 Make MellonUser case-insensitive.
    * 2c2e19d Fix incorrect error check for many `lasso_*`-functions.
    * 5c5ed1d Fix segmentation fault with POST field without a value.
    * 4c924d9 Fix some log message typos
    * 93faba4 Update log msg for Invalid Destination and Invalid Audience to
      show both the expected and received values.
  - Add new mellon user guide to installed docdir
* Mon Jan 30 2017 John Dennis <jdennis@redhat.com> - 0.11.0-4
  - Resolves: rhbz#1414021 - Incorrect Content-Type header in ECP PAOS
    Rebuilding due to missing comment in Changelog
* Mon Jan 30 2017 John Dennis <jdennis@redhat.com> - 0.11.0-3
  - Resolves: rhbz#1414021 - Incorrect Content-Type header in ECP PAOS
* Fri Apr 08 2016 John Dennis <jdennis@redhat.com> - 0.11.0-2
  - Resolves: bug #1296286
    mod_auth_mellon emits CRITICAL warning message in Apache log when doing ECP
  - Resolves: bug #1324536
    Installing mod_auth_mellon causes working Kerberos authentication
    to start failing
  - Add ECP.rst documentation file that was erroneously omitted
* Fri Sep 18 2015 John Dennis <jdennis@redhat.com> - 0.11.0-1
  - Upgrade to upstream 0.11.0 release.
  - Includes ECP support, see NEWS for all changes.
  - Update mellon_create_metadata.sh to match internally generated metadata,
    includes AssertionConsumerService for postResponse, artifactResponse &
    paosResponse.
  - Add lasso 2.5.0 version dependency
  - Resolves: #1205345
* Mon Aug 24 2015 John Dennis <jdennis@redhat.com> - 0.10.0-3
  - Rebase to upstream 0.10.0 release
  - Apply upstream commits post 0.10.0 release
  - Apply revised ECP pending patches,
    fix patch to pickup change in configure script that causes
    HAVE_ECP to be defined
  - Resolves: #1205345
* Wed Aug 19 2015 John Dennis <jdennis@redhat.com> - 0.10.0-2
  - Rebase to upstream 0.10.0 release
  - Apply upstream commits post 0.10.0 release
  - Apply revised ECP pending patches
  - Resolves: #1205345
* Mon Jun 22 2015 John Dennis <jdennis@redhat.com> - 0.10.0-1
  - Rebase to upstream 0.10.0 release
  - Apply upstream commits post 0.10.0 release
  - Apply ECP pending patches
  - Resolves: #1205345
* Mon Dec 08 2014 Simo Sorce <simo@redhat.com> 0.9.1-4
  - Large scale intreop patches
  - Resolves: #1167844
* Wed Sep 10 2014 Simo Sorce <simo@redhat.com> 0.9.1-3
  - Fix upstream sources URL
  - Related: #1120353
* Fri Sep 05 2014 Simo Sorce <simo@redhat.com> 0.9.1-2
  - Import package in RHEL7
  - Resolves: #1120353
* Tue Sep 02 2014 Simo Sorce <simo@redhat.com> 0.9.1-1
  - New upstream release
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Tue Jun 24 2014 Simo Sorce <simo@redhat.com> 0.8.0-1
  - New upstream realease version 0.8.0
  - Upstream moved to github
  - Drops patches as they have been all included upstream
* Fri Jun 20 2014 Simo Sorce <simo@redhat.com> 0.7.0-3
  - Backport of useful patches from upstream
    - Better handling of IDP reported errors
    - Better handling of session data storage size
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.7.0-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Dec 10 2013 Simo Sorce <simo@redhat.com> 0.7.0-1
  - Fix ownership of /run files
* Wed Nov 27 2013 Simo Sorce <simo@redhat.com> 0.7.0-0
  - Initial Fedora release based on version 0.7.0
  - Based on an old spec file by Jean-Marc Liger <jmliger@siris.sorbonne.fr>

Files

/etc/httpd/conf.d/auth_mellon.conf
/etc/httpd/conf.modules.d/10-auth_mellon.conf
/run/mod_auth_mellon
/usr/lib/tmpfiles.d/mod_auth_mellon.conf
/usr/lib64/httpd/modules/mod_auth_mellon.so
/usr/libexec/mod_auth_mellon
/usr/libexec/mod_auth_mellon/mellon_create_metadata.sh
/usr/share/doc/mod_auth_mellon-0.14.0
/usr/share/doc/mod_auth_mellon-0.14.0/ECP.rst
/usr/share/doc/mod_auth_mellon-0.14.0/NEWS
/usr/share/doc/mod_auth_mellon-0.14.0/README.md
/usr/share/doc/mod_auth_mellon-0.14.0/README.redhat.rst
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/Guardfile
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/README
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/images
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/images/chrome_SAML_Chrome_Panel.png
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/images/chrome_SAML_Chrome_Panel.svg
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/images/saml-tracer.png
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/images/saml-tracer.svg
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/images/saml-web-sso.svg
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/mellon_user_guide.adoc
/usr/share/doc/mod_auth_mellon-0.14.0/user_guide/mellon_user_guide.html
/usr/share/licenses/mod_auth_mellon-0.14.0
/usr/share/licenses/mod_auth_mellon-0.14.0/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 23 03:05:35 2024