[ol7_latest] lasso-2.5.1-8.el7_9.aarch64

Name:	lasso
Version:	2.5.1
Release:	8.el7_9
Architecture:	aarch64
Group:	System Environment/Libraries
Size:	614410
License:	GPLv2+
RPM:	lasso-2.5.1-8.el7_9.aarch64.rpm
Source RPM:	lasso-2.5.1-8.el7_9.src.rpm
Build Date:	Mon Aug 02 2021
Build Host:	host-100-100-224-2.blddevtest1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	http://lasso.entrouvert.org/
Summary:	Liberty Alliance Single Sign On
Description:	Lasso is a library that implements the Liberty Alliance Single Sign On standards, including the SAML and SAML2 specifications. It allows to handle the whole life-cycle of SAML based Federations, and provides bindings for multiple languages.

Changelog (Show File list) (Show related packages)

Wed Jun 02 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-8

- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
                      vulnerability when parsing SAML responses

Wed Jun 02 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-7

- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
                      vulnerability when parsing SAML responses

Wed Jun 02 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-6

- Resolves: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
                       vulnerability when parsing SAML responses

Tue Aug 06 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-5

- Resolves: #1719014 - Expired certificate prevents tests from running
- Actually apply the patch file for the previous build
- Related: #1730009 - lasso includes "Destination" attribute in SAML
                       AuthnRequest populated with SP
                       AssertionConsumerServiceURL when ECP workflow
                       is used which leads to IdP-side errors

Tue Jul 23 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-4

- Resolves: #1730009 - lasso includes "Destination" attribute in SAML
                       AuthnRequest populated with SP
                       AssertionConsumerServiceURL when ECP workflow
                       is used which leads to IdP-side errors

Sun Feb 10 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-3

- Resolves: #1634267 - ECP signature check fails with
                       LASSO_DS_ERROR_SIGNATURE_NOT_FOUND when assertion signed
                       instead of response

Fri Jun 17 2016 John Dennis <jdennis@redhat.com> - 2.5.1-2

- Rebase to upstream 2.5.1
  Resolves: #1310860
- add validate_idp_list_test patch

Thu Jun 09 2016 John Dennis <jdennis@redhat.com> - 2.5.1-1
```
- Rebase to upstream 2.5.1
  Resolves: #1310860
```

Thu Sep 03 2015 John Dennis <jdennis@redhat.com> - 2.5.0-1

- Rebase to upstream, now includes our ECP patches, no need to patch any more
  Resolves: #1205342

Tue Sep 01 2015 John Dennis <jdennis@redhat.com> - 2.4.1-8

- Add explicit minimum dependency on glib2 2.42,
  for some reason RPM is not automatically detecting the dependency
  Resolves: #1254989