-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 18 Mar 2014 22:59:18 -0700
Source: webauth
Binary: libapache2-mod-webauth libapache2-mod-webauthldap libapache2-mod-webkdc
 libapache2-webauth libapache2-webkdc libwebauth-perl libwebauth10
 libwebauth-dev libwebkdc-perl webauth-tests webauth-utils webauth-weblogin
Architecture: source i386 all
Version: 4.6.0-1
Distribution: unstable
Urgency: medium
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description:
 libapache2-mod-webauth - Apache module for WebAuth authentication
 libapache2-mod-webauthldap - Apache module for WebAuth LDAP lookup and authorization
 libapache2-mod-webkdc - Apache modules for a WebAuth authentication KDC
 libapache2-webauth - Transitional package for WebAuth Apache modules
 libapache2-webkdc - Transitional package for WebAuth authentication KDC
 libwebauth-dev - Development files for WebAuth authentication
 libwebauth-perl - Perl library for WebAuth authentication
 libwebauth10 - Shared libraries for WebAuth authentication
 libwebkdc-perl - Perl libraries for WebAuth central login server
 webauth-tests - Tests for the WebAuth authentication modules
 webauth-utils - Command-line utilities for WebAuth authentication
 webauth-weblogin - Central login server for WebAuth authentication
Changes:
 webauth (4.6.0-1) unstable; urgency=medium
 .
   * New upstream release.
     - New mod_webauth configuration directive, WebAuthCookiePath, which
       scopes all cookies set by mod_webauth within the directive scope
       to the given path.  Be sure that any WebAuthDoLogout URL is scoped
       with the same path.  When using this directive, ensure all
       protected portions of the site are covered by a directive and none
       of the scopes are overlapping.
     - WebAuthOptional should now work properly with Apache 2.4.
     - Do not delete mod_webauth notes after using them, which prevents
       some double-redirects to WebLogin during subrequests.
     - mod_webauth and mod_webkdc now maintain separate in-memory keyrings
       for each virtual host, and WebAuthKeyring, WebKdcKeyring, and
       related directives are now properly honored in virtual host
       configuration.  This fixes keyring leaks between virtual hosts
       when using the ITK MPM.
     - Be more thorough in telling browsers to not cache WebLogin
       responses, redirects and logout pages, and WebAuthDontCache pages.
     - All keyring writes are now locked with a separate lock file (the
       keyring file name with ".lock" appended) in the same directory.
     - Keyring updates now preserve ownership and permissions where
       possible.
     - Use the authenticated identity returned by the WebKDC for
       multifactor authentication in WebLogin rather than preserving the
       user's original entry.  The WebKDC may have canonicalized.
     - Support a remctl-based password change protocol in WebLogin and in
       libwebauth via the new webauth_krb5_change_config API.
     - Set the correct template variable when the code field is left
       blank on the WebLogin multifactor form.
     - Map unknown realm and invalid principal errors during Kerberos
       authentication to WA_PEC_USER_REJECTED instead of a generic
       Kerberos error so that WebLogin will present a more helpful error
       message.
     - Fix a bug in the workaround for invalid XML from the WebKDC.
     - Log a more detailed message during WebLogin password change
       failures.
   * Add the upstream signing key to debian/upstream/signing-key.asc and
     configure uscan to do signature validation.  Configure uscan to
     download the xz tarball instead of the gz tarball.
   * Remove now-unnecessary override of dh_builddeb to use xz compression.
   * Update standards version to 3.9.5 (no changes required).