apache2-mod_auth_mellon-0.19.1-1.1 RPM for i586

From OpenSuSE Ports Tumbleweed for i586

The mod_auth_mellon module is an authentication service that implements the
SAML 2.0 federation protocol. It grants access based on the attributes
received in assertions generated by a IdP server.

Provides

• apache2-mod_auth_mellon
• apache2-mod_auth_mellon(x86-32)
• config(apache2-mod_auth_mellon)

Requires

• /bin/bash
• /bin/sh
• apache_mmn_20120211
• config(apache2-mod_auth_mellon) = 0.19.1-1.1
• libc.so.6
• libc.so.6(GLIBC_2.0)
• libc.so.6(GLIBC_2.1.3)
• libc.so.6(GLIBC_2.3)
• libc.so.6(GLIBC_2.3.4)
• libc.so.6(GLIBC_2.38)
• libc.so.6(GLIBC_2.4)
• libcrypto.so.3
• libcrypto.so.3(OPENSSL_3.0.0)
• libcurl.so.4
• libglib-2.0.so.0
• liblasso.so.3
• liblasso3 >= 2.5.1
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• suse_maintenance_mmn_0

License

GPL-2.0-or-later

Changelog

* Wed Dec 11 2024 pgajdos@suse.com
  - version update to 0.19.1
    * Remove legacy code that is unused because of minimum requirements.
    * Cleanup HTML in rendered forms.
    * Documentation cleanups and improvements.
* Mon Mar 25 2024 pgajdos@suse.com
  - version update to 0.19.0
    Enhancements:
    * Support for HTTP-POST binding on Singe Logout endpoint.
    * Update documentation.
    Cleanup:
    * Raise minimum Lasso version to 2.4, cleaning up legacy code for
      compatibility with older versions, including the obsolete
      `MellonIdPPublicKeyFile` setting which was not working with recent
      Lasso versions.
* Mon Jul 31 2023 Matthias Eliasson <elimat@opensuse.org>
  - Update to 0.18.1
    * Logout endpoint should handle idP POST response
    * mellon_create_metadata.sh: Fix compatibility with OpenSSL 3
    * Add some clarification to the documentation
    * Add encryption certificate to generated metadata
  - Changes in 0.18.0
    * CVE-2021-3639 Redirect URL validation bypass - Version 0.17.0 and
      older of mod_auth_mellon allows the redirect URL validation to be
      bypassed by specifying an URL formatted as ///fishing-site.example.com/logout.html.
      In this case, the browser would interpret the URL differently
      than the APR parsing utility mellon uses and redirect to
      fishing-site.example.com. This could be reproduced with:
      https://rp.example.co.jp/mellon/logout?ReturnTo=///fishing-site.example.com/logout.html
      This version fixes that issue by rejecting all URLs that start with "///".
    * A new option MellonSessionIdleTimeout that represents the amount of
      time a user can be inactive before the user's session times out in seconds.
    * Several build-time fixes
    * The CookieTest SameSite attribute was only set to None if mellon configure option
      MellonCookieSameSite was set to something other than default. This is now fixed.
  - add libtool and xmlsec1-openssl-devel as new dependencies
  - set Buildarch to noarch for docs sub-package
* Thu May 05 2022 Archie Cobbs <archie.cobbs@gmail.com>
  - Wrap default config in <IfModule> to avoid reload error
* Thu Sep 10 2020 Kristyna Streitova <kstreitova@suse.com>
  - Update to 0.17.0
    * New option MellonSendExpectHeader (default On) which allows to
      disable sending the Expect header in the HTTP-Artifact binding to
      improve performance when the remote party does not support this
      header.
    * Set SameSite attribute to None on on the cookietest cookie.
    * Bump default generated keysize to 3072 bits in
      mellon_create_metadata
    * Validate if the assertion ID has not been used earlier before
      creating a new session.
    * Release session cache after calling invalidate endpoint.
    * In MellonCond directives, fix a bug that setting the NC option
      would also activate substring match and that REG would activate
      REF.
    * Fix MellonCond substring match to actually match the substring on
      the attribute value
* Thu Jun 04 2020 Kristyna Streitova <kstreitova@suse.com>
  - update mod_auth_mellon-0.16.0-env-script-interpreter.patch
    use /bin/bash instead of /usr/bin/bash
* Mon May 11 2020 Kristyna Streitova <kstreitova@suse.com>
  - replace version_path with the fixed value
* Tue Apr 28 2020 Kristyna Streitova <kstreitova@suse.com>
  - initial packaging

Files

/etc/apache2/conf.d/mod_auth_mellon.conf
/run/mod_auth_mellon
/usr/lib/apache2/mod_auth_mellon.so
/usr/lib/tmpfiles.d/apache2-mod_auth_mellon.conf
/usr/libexec/apache2-mod_auth_mellon
/usr/libexec/apache2-mod_auth_mellon/mellon_create_metadata.sh
/usr/share/doc/packages/apache2-mod_auth_mellon
/usr/share/doc/packages/apache2-mod_auth_mellon/ECP.rst
/usr/share/doc/packages/apache2-mod_auth_mellon/NEWS
/usr/share/doc/packages/apache2-mod_auth_mellon/README.md
/usr/share/licenses/apache2-mod_auth_mellon
/usr/share/licenses/apache2-mod_auth_mellon/COPYING

Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jan 12 02:11:34 2025