rpms/mod_auth_mellon
5
0
Fork 0
Code Issues Pull Requests Releases Activity
A SAML 2.0 authentication module for the Apache Httpd Server
14 Commits 7 Branches 17 Tags 683 KiB
HTML 99.7%
Shell 0.3%
d61f453f45
Go to file
John Dennis d61f453f45 Update to new upstream 0.12.0 
- [CVE-2016-2145] Fix DOS attack (Apache worker process crash) due to
  incorrect error handling when reading POST data from client.

- [CVE-2016-2146] Fix DOS attack (Apache worker process crash /
  resource exhaustion) due to missing size checks when reading
  POST data.

In addition this release contains the following new features and fixes:

- Add MellonRedirectDomains option to limit the sites that
  mod_auth_mellon can redirect to. This option is enabled by default.

- Add support for ECP service options in PAOS requests.

- Fix AssertionConsumerService lookup for PAOS requests.
2016-03-09 09:40:05 -05:00
.gitignore Update to new upstream 0.12.0 2016-03-09 09:40:05 -05:00
10-auth_mellon.conf Initial import 2013-12-11 09:22:05 -05:00
acs-warning.patch Fix Lasso warning 2015-12-23 13:33:59 -05:00
auth_mellon.conf Initial import 2013-12-11 09:22:05 -05:00
mellon_create_metadata.sh Upgrade to upstream 0.11.0 release. 2015-09-17 21:49:53 -04:00
mod_auth_mellon.conf Initial import 2013-12-11 09:22:05 -05:00
mod_auth_mellon.spec Update to new upstream 0.12.0 2016-03-09 09:40:05 -05:00
sources Update to new upstream 0.12.0 2016-03-09 09:40:05 -05:00