[ol7_latest] mod_auth_mellon-diagnostics-0.14.0-8.el7.aarch64

Name:	mod_auth_mellon-diagnostics
Version:	0.14.0
Release:	8.el7
Architecture:	aarch64
Group:	System Environment/Daemons
Size:	201008
License:	GPLv2+
RPM:	mod_auth_mellon-diagnostics-0.14.0-8.el7.aarch64.rpm
Source RPM:	mod_auth_mellon-0.14.0-8.el7.src.rpm
Build Date:	Tue Mar 31 2020
Build Host:	ca-buildarm04.us.oracle.com
Vendor:	Oracle America
URL:	https://github.com/UNINETT/mod_auth_mellon
Summary:	Build of mod_auth_mellon with diagnostic logging
Description:	Build of mod_auth_mellon with diagnostic logging. See README.redhat.rst in the doc directory for instructions on using the diagnostics build.

Changelog (Show File list) (Show related packages)

Wed Oct 09 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-8

- Resolves: rhbz#1731052 - CVE-2019-13038 mod_auth_mellon: an Open Redirect via
                           the login?ReturnTo= substring which could facilitate
                           information theft [rhel-7]

Tue Aug 06 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-7

- Resolves: rhbz#1727789 - mod_auth_mellon fix for AJAX header name
                           X-Requested-With

Tue Apr 02 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-6

- Apply the patch from the previous commit
- Resolves: rhbz#1692470 - CVE-2019-3877 mod_auth_mellon: open redirect
                           in logout url when using URLs with backslashes
                           [rhel-7]

Tue Apr 02 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-5

- Resolves: rhbz#1692470 - CVE-2019-3877 mod_auth_mellon: open redirect
                           in logout url when using URLs with backslashes
                           [rhel-7]

Fri Mar 22 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-4

- Resolves: rhbz#1576719 - ECP flow not triggering, instead client access
                           secured resources without ECP authentication

Tue Mar 05 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.14.0-3

- Resolves: rhbz#1652980 - mod_auth_mellon Cert files name wrong when
                           hostname contains a number

Fri Jun 01 2018 <jdennis@redhat.com> - 0.14.0-2

- Resolves: rhbz#1553885
- fix file permissions on doc files

Fri Jun 01 2018 <jdennis@redhat.com> - 0.14.0-1

- Resolves: rhbz#1553885
- Rebase to current upstream release

Thu Mar 29 2018 John Dennis <jdennis@redhat.com> - 0.13.1-2

- Resolves: rhbz#1481330 Add diagnostic logging
- Resolves: rhbz#1295472 Add MellonSignatureMethod config option to set
  signature method used to sign SAML messages sent by Mellon.
  Defaults to original sha1.

Fri Oct 20 2017 John Dennis <jdennis@redhat.com> - 0.13.1-1

- Resolves: rhbz#1481332 Upgrade to current upstream 0.13.1
- Adds the following upstream bug fixes on top of 0.13.1:
  * ee97812 Add Mellon User Guide
  * daa5d1e If no IdP's are defined explicitly log that fact
  * c291232 Make MellonUser case-insensitive.
  * 2c2e19d Fix incorrect error check for many `lasso_*`-functions.
  * 5c5ed1d Fix segmentation fault with POST field without a value.
  * 4c924d9 Fix some log message typos
  * 93faba4 Update log msg for Invalid Destination and Invalid Audience to
    show both the expected and received values.
- Add new mellon user guide to installed docdir