Accepted libapache2-mod-auth-mellon 0.16.0-1~bpo9+1 (source amd64) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 29 Jan 2020 14:35:46 +0000
Source: libapache2-mod-auth-mellon
Binary: libapache2-mod-auth-mellon
Architecture: source amd64
Version: 0.16.0-1~bpo9+1
Distribution: stretch-backports-sloppy
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
 libapache2-mod-auth-mellon - SAML 2.0 authentication module for Apache
Closes: 893957 925197 931265 931562
Changes:
 libapache2-mod-auth-mellon (0.16.0-1~bpo9+1) stretch-backports-sloppy; urgency=medium
 .
   * Rebuild for stretch-backports-sloppy.
 .
 libapache2-mod-auth-mellon (0.16.0-1) unstable; urgency=high
 .
   * New upstream release.
 .
 libapache2-mod-auth-mellon (0.15.0-1) unstable; urgency=medium
 .
   * New upstream release.
     - Fixes security issue CVE-2019-13038 (closes: #931265).
   * Build with diagnostics enabled; this can be switched on at
     runtime with the Apache directives MellonDiagnosticsEnable and
     MellonDiagnosticsFile (closes: #931562).
   * Relocated upstream, updated URLs and copyrights.
   * Packaging cleanups: change section to HTTPD, bump debhelper
     level to 12, standards-version to 4.5.0.
 .
 libapache2-mod-auth-mellon (0.14.2-1) unstable; urgency=high
 .
   * New upstream security release. (closes: #925197)
     - Auth bypass when used with reverse proxy [CVE-2019-3878]
     - Open redirect vulnerability in logout [CVE-2019-3877]
 .
 libapache2-mod-auth-mellon (0.14.1-1) unstable; urgency=medium
 .
   [ Thijs Kinkhorst ]
   * New upstream release.
   * Declare the explicit requirement for (fake)root,
     thanks Niels Thykier.
   * Ship the mellon_create_metadata utility (closes: #893957).
   * Update debhelper compatibility level to 11.
   * Checked for policy 4.3.0, no changes.
 .
   [ Ondřej Nový ]
   * d/copyright: Use https protocol in Format field
   * d/changelog: Remove trailing whitespaces
 .
 libapache2-mod-auth-mellon (0.14.0-1) unstable; urgency=medium
 .
   * New upstream release.
 .
 libapache2-mod-auth-mellon (0.13.1-1) unstable; urgency=medium
 .
   * New upstream release.
     - Obsoles backported security patches.
   * Checked for policy 4.0.0, no changes necessary.
Checksums-Sha1:
 2233fd7427f0d93baf5ce81156ac7b459243be44 1773 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1.dsc
 27a7ce05fc984fbeb119d7faacf1609c251472d0 3832 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1.debian.tar.xz
 10baa1f691fce99ecf75ae42ebe64e7acdcbef9d 205070 libapache2-mod-auth-mellon-dbgsym_0.16.0-1~bpo9+1_amd64.deb
 e3dba6b07b3a53f8dccd6ba26e3183c1a8a9e1de 8966 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1_amd64.buildinfo
 0b0fbf607c221ad2860dd9eaa11b626599acebbf 83936 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1_amd64.deb
Checksums-Sha256:
 278100ba8ebfc9af9feea869c7d42ee519ce64723a1b16375e596562f321e590 1773 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1.dsc
 d000202dcf8a4457eb524e5983746047000fe1a99187385f4a96950d94c57eff 3832 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1.debian.tar.xz
 40e452391419544645517f93ac5db518b5496c5de45ad8714a4bea2b6af3dd63 205070 libapache2-mod-auth-mellon-dbgsym_0.16.0-1~bpo9+1_amd64.deb
 45cf0b66b6f16c657e493158d19a68d7f5b1b155a65e9ed42129552b789e747c 8966 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1_amd64.buildinfo
 cf916967eaca9e764848fc3d1609d888a40bbae4f5b9eb6c5bca4fa37fbdd486 83936 libapache2-mod-auth-mellon_0.16.0-1~bpo9+1_amd64.deb
Files:
 2d9603f913c09c23a21f4e8489d7800f 1773 httpd optional libapache2-mod-auth-mellon_0.16.0-1~bpo9+1.dsc
 e5acae04c04e3a5b3087b57448ed3243 3832 httpd optional libapache2-mod-auth-mellon_0.16.0-1~bpo9+1.debian.tar.xz
 e3a686e43a835ba9d65968e566b4f79f 205070 debug extra libapache2-mod-auth-mellon-dbgsym_0.16.0-1~bpo9+1_amd64.deb
 6b2b84bd6d519d1df91661317c797749 8966 httpd optional libapache2-mod-auth-mellon_0.16.0-1~bpo9+1_amd64.buildinfo
 513224d3363757f20f9d0b2c3e903ed2 83936 httpd optional libapache2-mod-auth-mellon_0.16.0-1~bpo9+1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQFFBAEBCAAvFiEEeANVtepr/II1qZxLVvYaeUAdrAQFAl439LIRHHRoaWpzQGRl
Ymlhbi5vcmcACgkQVvYaeUAdrARFVAf/d7ruDQX6gXvZlxJHRlIn56egLov1zkkH
L82rm/cc9ThiFJH1uxGESezB3ouxHUe+WKCNPYnCMvKPo0pMVaWYV1Z3NhYbOtr2
UNYJZQ9/xN0y8kJa0cmZcTGpjOqnXr2SvSeI3rEucYjr61d67PAKvnSl1z13x281
CvxETuNovyqSvvsR5ysZ/sagvzpiWXgxiE+s4KHHpc7b/8rcpOpOhWV+tH6clY4y
Qc3JqibXvdB5SAcYgrqyg+njF9aOpCC4YtHfjS24BjRiMSImWCk1Yp7aDulxV/pR
WRORaMF3ghoW+Wfpo3ORtaWQYvYfNwnmv8fvoRcYslqwdkN+UgTbHQ==
=6sI7
-----END PGP SIGNATURE-----