Lasso 2.7.0
Resolves: rhbz#1966606: CVE-2021-28091 lasso: XML signature wrapping vulnerability when parsing SAML responses Remove java bindings
This commit is contained in:
parent
cc5adfb426
commit
cfc56dae55
1
.gitignore
vendored
1
.gitignore
vendored
@ -5,3 +5,4 @@
|
|||||||
/lasso-2.5.1.tar.gz
|
/lasso-2.5.1.tar.gz
|
||||||
/lasso-2.6.0.tar.gz
|
/lasso-2.6.0.tar.gz
|
||||||
/lasso-2.6.1.tar.gz
|
/lasso-2.6.1.tar.gz
|
||||||
|
/lasso-2.7.0.tar.gz
|
||||||
|
17
lasso.spec
17
lasso.spec
@ -1,4 +1,4 @@
|
|||||||
%global with_java 1
|
%global with_java 0
|
||||||
%global with_php 0
|
%global with_php 0
|
||||||
%global with_perl 1
|
%global with_perl 1
|
||||||
# The Lasso build system requires python, especially the binding generators
|
# The Lasso build system requires python, especially the binding generators
|
||||||
@ -58,8 +58,8 @@
|
|||||||
|
|
||||||
Summary: Liberty Alliance Single Sign On
|
Summary: Liberty Alliance Single Sign On
|
||||||
Name: lasso
|
Name: lasso
|
||||||
Version: 2.6.1
|
Version: 2.7.0
|
||||||
Release: 9%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://lasso.entrouvert.org/
|
URL: http://lasso.entrouvert.org/
|
||||||
Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz
|
Source: http://dev.entrouvert.org/lasso/lasso-%{version}.tar.gz
|
||||||
@ -83,6 +83,11 @@ BuildRequires: cyrus-sasl-devel
|
|||||||
|
|
||||||
Requires: xmlsec1
|
Requires: xmlsec1
|
||||||
|
|
||||||
|
# lasso upstream no longer supports java bindings
|
||||||
|
# see https://dev.entrouvert.org/issues/45876#change-289747
|
||||||
|
# and https://dev.entrouvert.org/issues/51418
|
||||||
|
Obsoletes: java-lasso < %{version}-%{release}
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Lasso is a library that implements the Liberty Alliance Single Sign On
|
Lasso is a library that implements the Liberty Alliance Single Sign On
|
||||||
standards, including the SAML and SAML2 specifications. It allows to handle
|
standards, including the SAML and SAML2 specifications. It allows to handle
|
||||||
@ -308,6 +313,12 @@ rm -fr %{buildroot}%{_defaultdocdir}/%{name}
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jun 2 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.7.0-1
|
||||||
|
- Lasso 2.7.0
|
||||||
|
- Resolves: rhbz#1966606: CVE-2021-28091 lasso: XML signature wrapping
|
||||||
|
vulnerability when parsing SAML responses
|
||||||
|
- Remove java bindings
|
||||||
|
|
||||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.1-9
|
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.6.1-9
|
||||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||||
|
|
||||||
|
2
sources
2
sources
@ -1 +1 @@
|
|||||||
SHA512 (lasso-2.6.1.tar.gz) = 768e577ccf650d61305cbb2d8be0d3e13a5c8b6b05f6b0a8419fcd23030eb7530740e8ca785f0279331d7e31743b2e0ab234de50eb87d41cfda5d692a1583d4b
|
SHA512 (lasso-2.7.0.tar.gz) = 98615d6166cdec52abef4f5346119040f310dbee624c2cd168d2f95b5fe3e0e1437ec6bfc2cd8b680044438afa15770402f5aef87d1885f7bc61528617c17a74
|
||||||
|
Loading…
Reference in New Issue
Block a user