File rubygem-ruby-saml.changes of Package rubygem-ruby-saml

Overview Repositories Revisions Requests Users Attributes Meta

File rubygem-ruby-saml.changes of Package rubygem-ruby-saml

-------------------------------------------------------------------
Mon Nov  4 17:29:51 UTC 2024 - Dan Čermák <dan.cermak@posteo.net>

- New upstream release 1.17.0, see bundled CHANGELOG.md

-------------------------------------------------------------------
Tue Nov 14 15:34:51 UTC 2023 - Dan Čermák <dan.cermak@posteo.net>

- New upstream release 1.16.0, see bundled CHANGELOG.md

-------------------------------------------------------------------
Tue Feb 15 07:42:26 UTC 2022 - Stephan Kulow <coolo@suse.com>

updated to version 1.14.0
 see installed CHANGELOG.md

### 1.14.0 (Feb 01, 2022)
  * [#627](https://github.com/onelogin/ruby-saml/pull/627) Support escape downcasing for validating SLO Signatures of ADFS/Azure
  * [#633](https://github.com/onelogin/ruby-saml/pull/633) Support ability to change ID prefix
  * Make the uuid editable on the SAML Messages generated by the toolkit
  * [#622](https://github.com/onelogin/ruby-saml/pull/622) Add security setting to more strictly enforce audience validation

-------------------------------------------------------------------
Tue Jan 25 07:32:15 UTC 2022 - Stephan Kulow <coolo@suse.com>

updated to version 1.13.0
 changelog.md removed upstream

-------------------------------------------------------------------
Thu Jun 24 17:56:20 UTC 2021 - Stephan Kulow <coolo@suse.com>

updated to version 1.12.2
 see installed changelog.md

### 1.12.2 (Apr 08, 2022)
  * [575](https://github.com/onelogin/ruby-saml/pull/575) Fix SloLogoutresponse bug on LogoutRequest
  
  ### 1.12.1 (Apr 05, 2022)
  * Fix XPath typo incompatible with Rexml 3.2.5
  * Refactor GCM support
  
  ### 1.12.0 (Feb 18, 2021)
  * Support AES-128-GCM, AES-192-GCM, and AES-256-GCM encryptions
  * Parse & return SLO ResponseLocation in IDPMetadataParser & Settings 
  * Adding idp_sso_service_url and idp_slo_service_url settings
  * [#536](https://github.com/onelogin/ruby-saml/pull/536) Adding feth method to be able retrieve attributes based on regex
  * Reduce size of built gem by excluding the test folder
  * Improve protection on Zlib deflate decompression bomb attack.
  * Add ValidUntil and cacheDuration support on Metadata generator
  * Add support for cacheDuration at the IdpMetadataParser
  * Support customizable statusCode on generated LogoutResponse
  * [#545](https://github.com/onelogin/ruby-saml/pull/545) More specific error messages for signature validation
  * Support Process Transform
  * Raise SettingError if invoking an action with no endpoint defined on the settings
  * Made IdpMetadataParser more extensible for subclasses
  *[#548](https://github.com/onelogin/ruby-saml/pull/548) Add :skip_audience option
  * [#555](https://github.com/onelogin/ruby-saml/pull/555) Define 'soft' variable to prevent exception when doc cert is invalid
  * Improve documentation
  
  ### 1.11.0 (Jul 24, 2019)
  
  * Deprecate settings.issuer in favor of settings.sp_entity_id
  * Add support for certification expiration

-------------------------------------------------------------------
Mon Feb 10 15:42:40 UTC 2020 - Stephan Kulow <coolo@suse.com>

- updated to version 1.11.0
 see installed changelog.md

-------------------------------------------------------------------
Sun May  5 09:44:04 UTC 2019 - Stephan Kulow <coolo@suse.com>

- updated to version 1.10.2
 see installed changelog.md

### 1.10.2 (Apr 29, 2019)
  
  * Add valid until, accessor
  * Fix Rubygem metadata that requested nokogiri <= 1.5.11
  
  ### 1.10.1 (Apr 08, 2019)
  
  * Fix ruby 1.8.7 incompatibilities

-------------------------------------------------------------------
Fri Mar 29 06:15:52 UTC 2019 - Stephan Kulow <coolo@suse.com>

- updated to version 1.10.0
 see installed changelog.md

### 1.10.0 (Mar 21, 2019)
  * Add Subject support on AuthNRequest to allow SPs provide info to the IdP about the user to be authenticated
  * Improves IdpMetadataParser to allow parse multiple IDPSSODescriptors
  * Improves format_cert method to accept certs with //
  * Forces nokogiri >= 1.8.2 when possible

-------------------------------------------------------------------
Wed Sep  5 10:40:17 UTC 2018 - coolo@suse.com

- updated to version 1.9.0
 see installed changelog.md

### 1.9.0 (Sept 03, 2018)
  * [#458](https://github.com/onelogin/ruby-saml/pull/458) Remove ruby 2.4+ warnings
  * Improve JRuby support
  * [#465](https://github.com/onelogin/ruby-saml/pull/465) Extend Settings initialization with the new keep_security_attributes parameter
  * Fix wrong message when SessionNotOnOrAfter expired
  * [#471](https://github.com/onelogin/ruby-saml/pull/471) Allow for `allowed_clock_drift` to be set as a string

-------------------------------------------------------------------
Mon Apr 23 15:16:18 UTC 2018 - factory-auto@kulow.org

- updated to version 1.8.0
 see installed changelog.md

### 1.8.0 (April 23, 2018)
  * [#437](https://github.com/onelogin/ruby-saml/issues/437) Creating AuthRequests/LogoutRequests/LogoutResponses with nil RelayState should not send empty RelayState URL param
  * [#454](https://github.com/onelogin/ruby-saml/pull/454) Added Response available options
  * [#453](https://github.com/onelogin/ruby-saml/pull/453) Raise a more descriptive exception if idp_sso_target_url is missing
  * [#452](https://github.com/onelogin/ruby-saml/pull/452) Fix behavior of skip_conditions flag on Response
  * [#449](https://github.com/onelogin/ruby-saml/pull/449) Add ability to skip authnstatement validation
  * Clear cached values to be able to use IdpMetadataParser more than once
  * Updated invalid audience error message

-------------------------------------------------------------------
Thu Mar  1 05:31:25 UTC 2018 - factory-auto@kulow.org

- updated to version 1.7.2
 see installed changelog.md

### 1.7.2 (Feb 28, 2018)
  * [#446](https://github.com/onelogin/ruby-saml/pull/446) Normalize text returned by OneLogin::RubySaml::Utils.element_text
  
  ### 1.7.1 (Feb 28, 2018)
  * [#444](https://github.com/onelogin/ruby-saml/pull/444) Fix audience validation for empty audience restriction

-------------------------------------------------------------------
Wed Feb 28 05:32:50 UTC 2018 - factory-auto@kulow.org

- updated to version 1.7.0
 see installed changelog.md

### 1.7.0 (Feb 27, 2018)
  * Fix vulnerability CVE-2017-11428. Process text of nodes properly, ignoring comments

-------------------------------------------------------------------
Thu Feb  8 06:25:58 UTC 2018 - coolo@suse.com

- updated to version 1.6.1
 see installed changelog.md

### 1.6.1 (January 15, 2018)
  * [#428](https://github.com/onelogin/ruby-saml/issues/428) Fix a bug on IdPMetadataParser when parsing certificates
  * [#426](https://github.com/onelogin/ruby-saml/pull/426) Ensure `Rails` responds to `logger`

-------------------------------------------------------------------
Sun Dec  3 19:34:59 UTC 2017 - coolo@suse.com

- updated to version 1.6.0
 see installed changelog.md

### 1.6.0 (November 27, 2017)
  * [#418](https://github.com/onelogin/ruby-saml/pull/418) Improve SAML message signature validation using original encoded parameters instead decoded in order to avoid conflicts (URL-encoding is not canonical, reported issues with ADFS)
  * [#420](https://github.com/onelogin/ruby-saml/pull/420) Expose NameID Format on SloLogoutrequest
  * [#423](https://github.com/onelogin/ruby-saml/pull/423) Allow format_cert to work with chained certificates
  * [#422](https://github.com/onelogin/ruby-saml/pull/422) Use to_s for requested attribute value

-------------------------------------------------------------------
Mon Sep 11 12:52:07 UTC 2017 - coolo@suse.com

- updated to version 1.5.0
 see installed changelog.md

### 1.5.0 (August 31, 2017)
  * [#400](https://github.com/onelogin/ruby-saml/pull/400) When validating Signature use stored IdP certficate if Signature contains no info about Certificate
  * [#402](https://github.com/onelogin/ruby-saml/pull/402)  Fix validate_response_state method that rejected SAMLResponses when using idp_cert_multi and idp_cert and idp_cert_fingerprint were not provided.
  * [#411](https://github.com/onelogin/ruby-saml/pull/411) Allow space in Base64 string
  * [#407](https://github.com/onelogin/ruby-saml/issues/407) Improve IdpMetadataParser raising an ArgumentError when parser method receive a metadata string with no IDPSSODescriptor element.
  * [#374](https://github.com/onelogin/ruby-saml/issues/374) Support more than one level of StatusCode
  * [#405](https://github.com/onelogin/ruby-saml/pull/405) Support ADFS encrypted key (Accept KeyInfo nodes with no ds namespace)

-------------------------------------------------------------------
Tue May 23 10:18:31 UTC 2017 - coolo@suse.com

- updated to version 1.4.3
 see installed changelog.md

### 1.4.3 (May 18, 2017)
  * Added SubjectConfirmation Recipient validation
  * [#393](https://github.com/onelogin/ruby-saml/pull/393) Implement IdpMetadataParser#parse_to_hash
  * Adapt IdP XML metadata parser to take care of multiple IdP certificates and be able to inject the data obtained on the settings.
  * Improve binding detection on idp metadata parser
  * [#373](https://github.com/onelogin/ruby-saml/pull/373) Allow metadata to be retrieved from source containing data for multiple entities
  * Be able to register future SP x509cert on the settings and publish it on SP metadata
  * Be able to register more than 1 Identity Provider x509cert, linked with an specific use (signing or encryption.
  * Improve regex to detect base64 encoded messages
  * Fix binding configuration example in README.md
  * Add Fix SLO request. Correct NameQualifier/SPNameQualifier values.
  * Validate serial number as string to work around libxml2 limitation
  * Propagate isRequired on md:RequestedAttribute when generating SP metadata

-------------------------------------------------------------------
Thu Jan 12 05:50:29 UTC 2017 - coolo@suse.com

- updated to version 1.4.2
 see installed changelog.md

### 1.4.2 (January 11, 2017)
  * Improve tests format
  * Fix nokogiri requirements based on ruby version
  * Only publish KeyDescriptor[use="encryption"] at SP metadata if security[:want_assertions_encrypted] is true
  * Be able to skip destination validation
  * Improved inResponse validation on SAMLResponses and LogoutResponses
  * [#354](https://github.com/onelogin/ruby-saml/pull/354) Allow scheme and domain to match ignoring case
  * [#363](https://github.com/onelogin/ruby-saml/pull/363) Add support for multiple requested attributes

-------------------------------------------------------------------
Sat Oct 29 04:46:56 UTC 2016 - coolo@suse.com

- updated to version 1.4.1
 see installed changelog.md

### 1.4.1 (October 19, 2016)
  * [#357](https://github.com/onelogin/ruby-saml/pull/357) Add EncryptedAttribute support. Improve decrypt method
  * Allow multiple authn_context_decl_ref in settings
  * Allow options[:settings] to be an hash for Settings overrides in IdpMetadataParser#parse
  * Recover issuers method
  
  ### 1.4.0 (October 13, 2016)
  * Several security improvements:
    * Conditions element required and unique.
    * AuthnStatement element required and unique.
    * SPNameQualifier must math the SP EntityID
    * Reject saml:Attribute element with same “Name” attribute
    * Reject empty nameID
    * Require Issuer element. (Must match IdP EntityID).
    * Destination value can't be blank (if present must match ACS URL).
    * Check that the EncryptedAssertion element only contains 1 Assertion element.
  
  * [#335](https://github.com/onelogin/ruby-saml/pull/335) Explicitly parse as XML and fix setting of Nokogiri options.
  * [#345](https://github.com/onelogin/ruby-saml/pull/345)Support multiple settings.auth_context
  * More tests to prevent XML Signature Wrapping
  * [#342](https://github.com/onelogin/ruby-saml/pull/342) Correct the usage of Mutex
  * [352](https://github.com/onelogin/ruby-saml/pull/352) Support multiple AttributeStatement tags
  
  
  ### 1.3.1 (July 10, 2016)
  * Fix response_test.rb of gem 1.3.0
  * Add reference to Security Guidelines
  * Update License
  * [#334](https://github.com/onelogin/ruby-saml/pull/334) Keep API backward-compatibility on IdpMetadataParser fingerprint method.

-------------------------------------------------------------------
Tue Jun 28 00:11:38 UTC 2016 - mrueckert@suse.de

- update to 1.3.0

-------------------------------------------------------------------
Tue Apr 19 02:58:35 UTC 2016 - mrueckert@suse.de

- update to 1.1.2

-------------------------------------------------------------------
Thu Feb  4 10:57:26 UTC 2016 - mrueckert@suse.de

- update to 1.1.1

-------------------------------------------------------------------
Wed Aug 19 20:02:55 UTC 2015 - mrueckert@suse.de

- update to 1.0.0

-------------------------------------------------------------------
Mon Jun  1 01:02:54 UTC 2015 - mrueckert@suse.de

- initial package

Places

File rubygem-ruby-saml.changes of Package rubygem-ruby-saml

Places