mod_auth_mellon

Author	SHA1	Message	Date
Jakub Hrozek	9707601413	New upstream version 0.15.0 Resolves: rhbz#1725742 - CVE-2019-13038 mod_auth_mellon: an Open Redirect via the login?ReturnTo= substring which could facilitate information theft [fedora-all]	2019-11-19 10:48:58 +01:00
Jakub Hrozek	dc2e6c5a1f	Upgrade to 0.14.2	2019-03-22 21:28:22 +01:00
John Dennis	73d052dab9	Upgrade to new upstream release Add README.redhat.rst doc explaining packaging of this module.	2018-04-19 18:50:33 -04:00
John Dennis	709a5443f9	Upgrade to new upstream 0.13.1 release	2017-10-01 11:50:11 -04:00
John Dennis	d61f453f45	Update to new upstream 0.12.0 - [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to incorrect error handling when reading POST data from client. - [CVE-2016-2146] Fix DOS attack (Apache worker process crash / resource exhaustion) due to missing size checks when reading POST data. In addition this release contains the following new features and fixes: - Add MellonRedirectDomains option to limit the sites that mod_auth_mellon can redirect to. This option is enabled by default. - Add support for ECP service options in PAOS requests. - Fix AssertionConsumerService lookup for PAOS requests.	2016-03-09 09:40:05 -05:00
John Dennis	5d207147c3	Upgrade to upstream 0.11.0 release. Includes ECP support, see NEWS for all changes. Update mellon_create_metadata.sh to match internally generated metadata, includes AssertionConsumerService for postResponse, artifactResponse & paosResponse.	2015-09-17 21:49:53 -04:00
Simo Sorce	4af43b73a0	New upstream release	2015-01-07 17:27:45 -05:00
Simo Sorce	6a56e0271a	New upstream release	2014-09-02 15:39:27 -04:00
Simo Sorce	eb3a0b50b0	New upstream realease version 0.8.0 - Upstream moved to github - Drops patches as they have been all included upstream	2014-06-24 15:50:56 -04:00
Simo Sorce	5f23c37313	Initial import	2013-12-11 09:22:05 -05:00
Fedora Release Engineering	f110c803eb	Initial setup of the repo	2013-12-11 13:07:49 +00:00

11 Commits