-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 18 Oct 2022 09:50:00 +0200 Source: libapache2-mod-auth-openidc Architecture: source Version: 2.4.12-1 Distribution: unstable Urgency: medium Maintainer: Moritz Schlarb <schlarbm@uni-mainz.de> Changed-By: Moritz Schlarb <schlarbm@uni-mainz.de> Changes: libapache2-mod-auth-openidc (2.4.12-1) unstable; urgency=medium . * New upstream version 2.4.12 . Release 2.4.12 was (re-)certified for all OpenID Connect Relying Party conformance profiles using the OpenID Foundation's certification suite: https://openid.net/certification/#RPs. . * Features . * allow storing the id_token in a client-cookie based session so that it can be used as id_token_hint value in a logout request later; * allow setting connection pool parameters for Memcache server connections * add option to set a username for Redis >= 6.x ACL authentication via OIDCRedisCacheUsername * register request_object_signing_alg in dynamic client registration when using request_uri . * Bugfixes . * increase size of the output buffer when using libpcre2 for substitution * support OIDCSessionInactivityTimeout values greater than 30 days when using Memcache * allow for step-up discovery with an external URL using HTML refresh; fixes behaviour on CentOS 7/8 when combined with ProxyPass * apply exact length matching for at_hash and c_hash validation * store access token obtained from backchannel in session over the one returned in the frontchannel for code token and code id_token token flows * check ID token signed response algorithm on backchannel logout_token and retrieve its configuration value from the client metadata file Checksums-Sha1: 97e55c61368d57df3e429f6cb80ba84145471f73 2521 libapache2-mod-auth-openidc_2.4.12-1.dsc c54ccaa8dd52a14e97dde5b62e14bcc89e7007c4 279217 libapache2-mod-auth-openidc_2.4.12.orig.tar.gz 38e0fd4824c20ea8d1f5a4a253bc2f87790f2206 6292 libapache2-mod-auth-openidc_2.4.12-1.debian.tar.xz 86f29c56175d4773c8e8eec040beebc534622096 8369 libapache2-mod-auth-openidc_2.4.12-1_amd64.buildinfo Checksums-Sha256: 2c61e16e2c81bf4be17cebd2f95ef38ac34ff5236724cce833673ed9be215a62 2521 libapache2-mod-auth-openidc_2.4.12-1.dsc a24f92300325ced32c69d8783f8928c6a29833e19e30c6e1585e5a177dd508d2 279217 libapache2-mod-auth-openidc_2.4.12.orig.tar.gz 17892293bb488f46309242227f29d60b568ab9f25c8af1641e78b978c17a842c 6292 libapache2-mod-auth-openidc_2.4.12-1.debian.tar.xz b50f214434003eecf559f46aa1884a0837639135c0f2100029c13ed121210084 8369 libapache2-mod-auth-openidc_2.4.12-1_amd64.buildinfo Files: 647c6a16423273fa65163b4ceb5102f0 2521 httpd optional libapache2-mod-auth-openidc_2.4.12-1.dsc ef75f1e936b2719db452e19f468a3ba9 279217 httpd optional libapache2-mod-auth-openidc_2.4.12.orig.tar.gz 15afd67aafa555ad5678e97504aa66e0 6292 httpd optional libapache2-mod-auth-openidc_2.4.12-1.debian.tar.xz 3b764ac0a570779a5e1ee6fd06f48cd5 8369 httpd optional libapache2-mod-auth-openidc_2.4.12-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJKBAEBCgA0FiEE3wEiR7/GVQGv8oRFDCS4Qcfduq8FAmNOW6gWHHNjaGxhcmJt QHVuaS1tYWluei5kZQAKCRAMJLhBx926r0gdD/4zfFtKpRiQmX5DwaIUGf2uFSzg UZR4HwOW2Uady1eSwkpG8uf5inh5s423CHpaQJS1vi2sjrDbVC+vx5a4aAxD08H2 a5Ig1NIlULCAbjDSgcaoY/WDlajCdNt/lwqb6hU0SqAcib0iDVpZHHXITnCD2tDQ 1GGlbmRLTnJ13r3ORcnX/lf0bXqIVMTgYrYq8m72gSEFxR5omydxvaB88tPEVnwz u9MljW08CWvP4gqxmleV00tvjU3ClaXeLvWI+7msqCrnIIe3O8Uyms+J5gL95MWT UQHKm3cznD7AjtMzXcyk5KlEjUcjo+Bj36wGzEI4heapOzLu5C5xIruAMWbSbcOb lu+PgEEuMZXitvtt+qlTBJX8yKriKT0Nc9BkR8fyHXCOLb3IB3y19y9Xzo9U6OgT dlNAIK9LhOdo/GdDUdSMpda6mhczIMQaXjq98fWSBygcXC11gsMqzrCBaWmJnvlf CMP4tWBRdwrqsj94EO+t+2r8YTBSYLFAPpy8povjuEnHLoMavm4sS/43e8zl3njU EwYG/HC5u9ra0DP3/poNBwuIG0DUeniERZnhKylISLnJfTiogPjy8R7MFrG2G1y/ It4m9zfY5SqFe4e23GCX1Yn6dqNZzwGQXvKeIxwO+w9LUm4ev1SmR4zy8xj5/CUO mo8uRc1E69geyenTWA== =E1fh -----END PGP SIGNATURE-----