rpms/mod_auth_mellon
5
0
Fork 0
Code Issues Pull Requests Releases Activity

New upstream version 0.15.0

Browse Source 
Resolves: rhbz#1725742 - CVE-2019-13038 mod_auth_mellon: an Open Redirect
                           via the login?ReturnTo= substring which could
                           facilitate information theft [fedora-all]
This commit is contained in:
Jakub Hrozek 2019-11-19 10:48:55 +01:00
parent c201ed18c4
commit 9707601413
3 changed files with 12 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -7,3 +7,4 @@
/mod_auth_mellon-0.13.1.tar.gz /mod_auth_mellon-0.13.1.tar.gz
/mod_auth_mellon-0.14.0.tar.gz /mod_auth_mellon-0.14.0.tar.gz
/mod_auth_mellon-0.14.2.tar.gz /mod_auth_mellon-0.14.2.tar.gz
/mod_auth_mellon-0.15.0.tar.gz

14
mod_auth_mellon.spec
View File

@ -1,8 +1,8 @@
Summary: A SAML 2.0 authentication module for the Apache Httpd Server Summary: A SAML 2.0 authentication module for the Apache Httpd Server
Name: mod_auth_mellon Name: mod_auth_mellon
Version: 0.14.2 Version: 0.15.0
Release: 2%{?dist} Release: 1%{?dist}
Source0: https://github.com/UNINETT/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/latchset/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz
Source1: auth_mellon.conf Source1: auth_mellon.conf
Source2: 10-auth_mellon.conf Source2: 10-auth_mellon.conf
Source3: mod_auth_mellon.conf Source3: mod_auth_mellon.conf
@ -19,7 +19,7 @@ BuildRequires: xmlsec1-devel
BuildRequires: rubygem-asciidoctor BuildRequires: rubygem-asciidoctor
Requires: httpd-mmn = %{_httpd_mmn} Requires: httpd-mmn = %{_httpd_mmn}
Requires: lasso >= 2.5.1-13 Requires: lasso >= 2.5.1-13
Url: https://github.com/UNINETT/mod_auth_mellon Url: https://github.com/latchset/mod_auth_mellon
%description %description
@ -101,6 +101,12 @@ in the doc directory for instructions on using the diagnostics build.
%dir /run/%{name}/ %dir /run/%{name}/
%changelog %changelog
* Tue Nov 19 2019 Jakub Hrozek <jhrozek@redhat.com> - 0.15.0-1
- New upstream version 0.15.0
- Resolves: rhbz#1725742 - CVE-2019-13038 mod_auth_mellon: an Open Redirect
via the login?ReturnTo= substring which could
facilitate information theft [fedora-all]
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.14.2-2 * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.14.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

2
sources
View File

@ -1 +1 @@
SHA512 (mod_auth_mellon-0.14.2.tar.gz) = 9d14b1482a73ce7e86f5f7618454aab8759533649f34fa0088264b7b09dbd90db46011c629303b2f3ad969379937ff5adaa0d7b63a502cdfbba0cd1b762502a6 SHA512 (mod_auth_mellon-0.15.0.tar.gz) = 8a36543a925657e059db92607356cbd15f8f4d7296fc2387516e37b544918c051441ba324a2c9cd880d8f5918d60489a9bd0e9c717a63e76384dcd6baa042d74