Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
apache2-mod_auth_openidc.19015
apache2-mod_auth_openidc.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apache2-mod_auth_openidc.changes of Package apache2-mod_auth_openidc.19015
------------------------------------------------------------------- Thu Apr 1 13:09:02 UTC 2021 - pgajdos@suse.com - require hiredis only for newer distros than SLE-15 [jsc#SLE-11726] ------------------------------------------------------------------- Wed Mar 4 14:07:52 UTC 2020 - Kristyna Streitova <kstreitova@suse.com> - add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix open redirect issue that exists in URLs with a slash and backslash at the beginning [bsc#1164459], [CVE-2019-20479] ------------------------------------------------------------------- Wed Oct 30 11:35:12 UTC 2019 - Kristyna Streitova <kstreitova@suse.com> - add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix open redirect issue that exists in URLs with trailing slashes [bsc#1153666], [CVE-2019-14857] ------------------------------------------------------------------- Fri Nov 9 16:38:07 UTC 2018 - kstreitova@suse.com - submission to SLE15SP1 because of fate#324447 - build with hiredis only for openSUSE where hiredis is available - add a version for jansson BuildRequires ------------------------------------------------------------------- Tue Oct 30 11:04:27 UTC 2018 - kstreitova@suse.com - update to 2.3.8 - changes in 2.3.8 * fix return result FALSE when JWT payload parsing fails * add LGTM code quality badges * fix 3 LGTM alerts * improve auto-detection of XMLHttpRequests via Accept header * initialize test_proto_authorization_request properly * add sanity check on provider->auth_request_method * allow usage with LibreSSL * don't return content with 503 since it will turn the HTTP status code into a 200 * add option to set an upper limit to the number of concurrent state cookies via OIDCStateMaxNumberOfCookies * make the default maximum number of parallel state cookies 7 instead of unlimited * fix using access token as endpoint auth method in introspection calls * fix reading access_token form POST parameters when combined with `AuthType auth-openidc` - changes in 2.3.7 * abort when string length for remote user name substitution is larger than 255 characters * fix Redis concurrency issue when used with multiple vhosts * add support for authorization server metadata with OIDCOAuthServerMetadataURL as in RFC 8414 * refactor session object creation * clear session cookie and contents if cache corruption is detected * use apr_pstrdup when setting r->user * reserve 255 characters in remote username substition instead of 50 - changes in 2.3.6 * add check to detect session cache corruption for server-based caches and cached static metadata * avoid using pipelining for Redis * send Basic header in OAuth www-authenticate response if that's the only accepted method; thanks @puiterwijk * refactor Redis cache backend to solve issues on AUTH errors: a) memory leak and b) redisGetReply lagging behind * adjust copyright year/org * fix buffer overflow in shm cache key set strcpy * turn missing session_state from warning into a debug statement * fix missing "return" on error return from the OP * explicitly set encryption kid so we're compatible with cjose >= 0.6.0 - changes in 2.3.5 * fix encoding of preserved POST data * avoid buffer overflow in shm cache key construction * compile with with Libressl ------------------------------------------------------------------- Fri Apr 27 13:39:45 UTC 2018 - vcizek@suse.com - update to 2.3.4 - requested in fate#323817 ------------------------------------------------------------------- Wed Dec 13 11:19:58 UTC 2017 - christof.hanke@mpcdf.mpg.de - initial packaging
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor