import mod_auth_mellon-0.17.0-7.el9

2022-11-15 01:49:41 -05:00 · 2022-11-15 01:49:41 -05:00 · b9d49a6a6e
commit b9d49a6a6e
parent 50a242ce8d
1 changed files with 6 additions and 2 deletions
--- a/SPECS/mod_auth_mellon.spec
+++ b/SPECS/mod_auth_mellon.spec
@ -1,7 +1,7 @@
 Summary: A SAML 2.0 authentication module for the Apache Httpd Server
 Name: mod_auth_mellon
 Version: 0.17.0
-Release: 6%{?dist}
+Release: 7%{?dist}
 Source0: https://github.com/latchset/mod_auth_mellon/releases/download/v0.17.0/mod_auth_mellon-0.17.0.tar.gz
 Source1: auth_mellon.conf
 Source2: 10-auth_mellon.conf
@ -100,9 +100,13 @@ in the doc directory for instructions on using the diagnostics build.
 %{_httpd_moddir}/mod_auth_mellon.so
 %{_tmpfilesdir}/mod_auth_mellon.conf
 %{_libexecdir}/%{name}
-%dir /run/%{name}/
+%dir %attr(-, apache, apache) /run/%{name}/

 %changelog
+* Tue Jul 26 2022 Tomas Halman <thalman@redhat.com> - 0.17.0-7
+- bad user/group ownership for /run/mod_auth_mellon
+  Resolves: rhbz#2047948
+
 * Fri Jul 30 2021 Jakub Hrozek <jhrozek@redhat.com> - 0.17.0-6
 - Related: rhbz#1986806 - CVE-2021-3639 mod_auth_mellon: Open Redirect
                          vulnerability in logout URLs