Update to new upstream 0.12.0

- [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to
  incorrect error handling when reading POST data from client.

- [CVE-2016-2146] Fix DOS attack (Apache worker process crash /
  resource exhaustion) due to missing size checks when reading
  POST data.

In addition, this release contains the following new features and fixes:

- Add MellonRedirectDomains option to limit the sites that
  mod_auth_mellon can redirect to. This option is enabled by default.

- Add support for ECP service options in PAOS requests.

- Fix AssertionConsumerService lookup for PAOS requests.
John Dennis 2016-03-09 09:40:05 -05:00
parent f86b32bd38
commit d61f453f45
3 changed files with 22 additions and 6 deletions

.gitignore

@ -3,3 +3,4 @@
/mod_auth_mellon-0.9.1.tar.gz /mod_auth_mellon-0.9.1.tar.gz
/mod_auth_mellon-0.10.0.tar.gz /mod_auth_mellon-0.10.0.tar.gz
/mod_auth_mellon-0.11.0.tar.gz /mod_auth_mellon-0.11.0.tar.gz
/mod_auth_mellon-0.12.0.tar.gz
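Review bot: the stale entries for the 0.9.1, 0.10.0 and 0.11.0 tarballs are kept alongside the new `/mod_auth_mellon-0.12.0.tar.gz` line, so this file grows by one line on every rebase; either prune the old entries here or replace them all with a single pattern such as `/mod_auth_mellon-*.tar.gz`.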


@ -1,7 +1,7 @@
Summary: A SAML 2.0 authentication module for the Apache Httpd Server Summary: A SAML 2.0 authentication module for the Apache Httpd Server
Name: mod_auth_mellon Name: mod_auth_mellon
Version: 0.11.0 Version: 0.12.0
Release: 4%{?dist} Release: 1%{?dist}
Group: System Environment/Daemons Group: System Environment/Daemons
Source0: https://github.com/UNINETT/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/UNINETT/mod_auth_mellon/releases/download/v%{version}/%{name}-%{version}.tar.gz
Source1: auth_mellon.conf Source1: auth_mellon.conf
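Review bot: resetting `Release: 1%{?dist}` together with the `Version: 0.12.0` bump is correct (Release restarts at 1 on a new Version). Since Source0 is derived from `%{version}`, this hunk only builds from a fresh checkout if the tarball hash in the sources file is updated in the same commit, which the last hunk does; keep the two changes together as done here.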
@ -19,8 +19,6 @@ Requires: httpd-mmn = %{_httpd_mmn}
Requires: lasso >= 2.5.0 Requires: lasso >= 2.5.0
Url: https://github.com/UNINETT/mod_auth_mellon Url: https://github.com/UNINETT/mod_auth_mellon
Patch1: acs-warning.patch
%description %description
The mod_auth_mellon module is an authentication service that implements the The mod_auth_mellon module is an authentication service that implements the
SAML 2.0 federation protocol. It grants access based on the attributes SAML 2.0 federation protocol. It grants access based on the attributes
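Review bot: dropping `Patch1: acs-warning.patch` leaves the patch file itself orphaned in the repository: the commit header lists 3 changed files (.gitignore, the spec and sources), so acs-warning.patch is not deleted by this commit. Remove it with `git rm acs-warning.patch` in the same commit so the tree does not carry a patch that nothing references.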
@ -28,7 +26,6 @@ received in assertions generated by a IdP server.
%prep %prep
%setup -q -n %{name}-%{version} %setup -q -n %{name}-%{version}
%patch1 -p1 -b .acs-warning
%build %build
export APXS=%{_httpd_apxs} export APXS=%{_httpd_apxs}
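Review bot: removing `%patch1 -p1 -b .acs-warning` is consistent with dropping Patch1 above, but neither the commit message nor the changelog says why the patch is no longer needed; the changelog's "Fix AssertionConsumerService lookup for PAOS requests" entry implies the fix landed upstream in 0.12.0, and that should be stated explicitly rather than left for the reader to infer.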
@ -65,6 +62,24 @@ install -m 755 %{SOURCE4} %{buildroot}/%{_libexecdir}/%{name}
%dir /run/%{name}/ %dir /run/%{name}/
%changelog %changelog
* Wed Mar 9 2016 John Dennis <jdennis@redhat.com> - 0.12.0-1
- Update to new upstream 0.12.0
- [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to
incorrect error handling when reading POST data from client.
- [CVE-2016-2146] Fix DOS attack (Apache worker process crash /
resource exhaustion) due to missing size checks when reading
POST data.
In addition this release contains the following new features and fixes:
- Add MellonRedirectDomains option to limit the sites that
mod_auth_mellon can redirect to. This option is enabled by default.
- Add support for ECP service options in PAOS requests.
- Fix AssertionConsumerService lookup for PAOS requests.
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.0-4 * Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.11.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
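Review bot: the changelog states that MellonRedirectDomains is enabled by default, which is a behaviour change for existing deployments: any site that relies on mod_auth_mellon redirecting to a different domain after login will stop working after this update until the new option is configured. Flag this as an upgrade note in the changelog entry (and the commit message) so administrators know to set MellonRedirectDomains. Minor: the new entry writes the date as "Wed Mar 9 2016" while the previous entry uses zero-padded "Feb 04"; pick one form for consistency.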


@ -1 +1 @@
d24347881f1c60f26cf686d22cf419de mod_auth_mellon-0.11.0.tar.gz 6c1057847c06d433d4d4a4f55cca1740 mod_auth_mellon-0.12.0.tar.gz
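Review bot: the sources entry records only an MD5 of the new tarball; MD5 is not collision-resistant, so this line pins what was downloaded but does not by itself establish that it is the genuine upstream release. The commit message should note how mod_auth_mellon-0.12.0.tar.gz was verified against upstream (an upstream signature or a stronger hash published with the release) before the checksum was recorded.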