-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 22 Mar 2019 12:27:29 +0000 Source: libapache2-mod-auth-mellon Binary: libapache2-mod-auth-mellon Architecture: source amd64 Version: 0.14.2-1~bpo9+2 Distribution: stretch-backports Urgency: high Maintainer: Thijs Kinkhorst <thijs@debian.org> Changed-By: Thijs Kinkhorst <thijs@debian.org> Description: libapache2-mod-auth-mellon - SAML 2.0 authentication module for Apache Closes: 893957 925197 Changes: libapache2-mod-auth-mellon (0.14.2-1~bpo9+2) stretch-backports; urgency=high . * Rebuild for stretch-backports. . libapache2-mod-auth-mellon (0.14.2-1) unstable; urgency=high . * New upstream security release. (closes: #925197) - Auth bypass when used with reverse proxy [CVE-2019-3878] - Open redirect vulnerability in logout [CVE-2019-3877] . libapache2-mod-auth-mellon (0.14.1-1) unstable; urgency=medium . [ Thijs Kinkhorst ] * New upstream release. * Declare the explicit requirement for (fake)root, thanks Niels Thykier. * Ship the mellon_create_metadata utility (closes: #893957). * Update debhelper compatibility level to 11. * Checked for policy 4.3.0, no changes. . [ Ondřej Nový ] * d/copyright: Use https protocol in Format field * d/changelog: Remove trailing whitespaces Checksums-Sha1: ed6a045159f425775c32a5bebf35484a6b282106 1775 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.dsc c85a3b583005fccf182fde392408a6ae49c33f8d 3596 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.debian.tar.xz 0897d33a514750f4955bd714315c862d279bd89b 178810 libapache2-mod-auth-mellon-dbgsym_0.14.2-1~bpo9+2_amd64.deb b4e75c2e204e898f68bd4aa8973c85bbf557c291 8817 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.buildinfo deee6e6823260c115a34da2758ca04996d1352da 69048 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.deb Checksums-Sha256: 70c98cdb81a4fd9986c9119e1670ae692a1ee594cf14d7ad74df59e70a7073b3 1775 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.dsc 35dd651dd84c95264e22c141a210afa49195a92a7140c6089af26605c0554b36 3596 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.debian.tar.xz 0a22c9c64e0441454ff8f135c698602981df25805dbb1e4009273a839618176e 178810 libapache2-mod-auth-mellon-dbgsym_0.14.2-1~bpo9+2_amd64.deb 3b0005f5d084988a3de49635871f29fb2171a012b90b7b3c35800a2192b75977 8817 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.buildinfo a356271cfb469acd51b9247daadf2163f17342a019b79b45b8a58d6261aa9a44 69048 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.deb Files: 479fe3d3d38d298acfea2ed2eadb89be 1775 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.dsc 27b96a7ea69a1d76359248cc39c82e97 3596 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.debian.tar.xz 6bfe7a79cc2ce733c868d597698cac21 178810 debug extra libapache2-mod-auth-mellon-dbgsym_0.14.2-1~bpo9+2_amd64.deb 3efc6896018a6b6f61ab19d07d17afd7 8817 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.buildinfo 151ae01cd5ba764f6d79acb6a82452a0 69048 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.deb -----BEGIN PGP SIGNATURE----- iQFFBAEBCAAvFiEEeANVtepr/II1qZxLVvYaeUAdrAQFAlyZvpMRHHRoaWpzQGRl Ymlhbi5vcmcACgkQVvYaeUAdrARIOAf+LEgo0JEkjZ5Wy/+CSy6hMk5qNOort5TS caDHXvYfyOcvwpgtJHeXE1mZfEzLuRB3ORZF3a0+Wq01GyI5T1SRluS8Oj1SvJ7N BhN98yxefi7ZMarmosNN1m/PlJnclZXkmvaIrcaU6ksZE1v/e9GINfGOfdB1qsiP yG+kAQ2i4Nn7Ts4ur1usPWxGRTM01/2Fbe6+KT7X7nWkMx2V1TZtDl323+FgfnZm rHNnc0ZmEl/ipkyt8Hn6LfazIlCGfYAqEHWbAQFPYkIZNN0LA+2vvLhf8mpaOyRa KzNG9oQjsPgp2+2IgslehMsnlin9VWR8kYvLAHWbKeu7j/N0xPMCJA== =/YLq -----END PGP SIGNATURE-----
