webauth_4.1.0-1~bpo60+1_i386.changes ACCEPTED into squeeze-backports
Accepted:
libapache2-webauth_4.1.0-1~bpo60+1_i386.deb
to main/w/webauth/libapache2-webauth_4.1.0-1~bpo60+1_i386.deb
libapache2-webkdc_4.1.0-1~bpo60+1_i386.deb
to main/w/webauth/libapache2-webkdc_4.1.0-1~bpo60+1_i386.deb
libwebauth-dev_4.1.0-1~bpo60+1_i386.deb
to main/w/webauth/libwebauth-dev_4.1.0-1~bpo60+1_i386.deb
libwebauth-perl_4.1.0-1~bpo60+1_i386.deb
to main/w/webauth/libwebauth-perl_4.1.0-1~bpo60+1_i386.deb
libwebauth6_4.1.0-1~bpo60+1_i386.deb
to main/w/webauth/libwebauth6_4.1.0-1~bpo60+1_i386.deb
libwebkdc-perl_4.1.0-1~bpo60+1_all.deb
to main/w/webauth/libwebkdc-perl_4.1.0-1~bpo60+1_all.deb
webauth-tests_4.1.0-1~bpo60+1_all.deb
to main/w/webauth/webauth-tests_4.1.0-1~bpo60+1_all.deb
webauth-utils_4.1.0-1~bpo60+1_i386.deb
to main/w/webauth/webauth-utils_4.1.0-1~bpo60+1_i386.deb
webauth-weblogin_4.1.0-1~bpo60+1_all.deb
to main/w/webauth/webauth-weblogin_4.1.0-1~bpo60+1_all.deb
webauth_4.1.0-1~bpo60+1.debian.tar.gz
to main/w/webauth/webauth_4.1.0-1~bpo60+1.debian.tar.gz
webauth_4.1.0-1~bpo60+1.dsc
to main/w/webauth/webauth_4.1.0-1~bpo60+1.dsc
webauth_4.1.0.orig.tar.gz
to main/w/webauth/webauth_4.1.0.orig.tar.gz
Changes:
webauth (4.1.0-1~bpo60+1) squeeze-backports; urgency=low
.
* Backport to stable.
.
webauth (4.1.0-1) unstable; urgency=low
.
* New upstream release.
- New mod_webkdc WebKdcUserInfoTimeout option to set a network timeout
for user information service queries. The new default is 30
seconds.
- New mod_webkdc WebKdcUserInfoIgnoreFail error to allow users to
authenticate with password and use pre-existing single sign-on
cookies even if the user information service is down. Be aware that
this can allow bypassing a centrally-mandated multifactor
requirement.
- Use remctl_set_ccache instead of setting KRB5CCNAME when available
to avoid memory leaks on calling the user information service and to
not leak settings across threads.
- Fix WebLogin error handling when the password field is left blank.
- Fix WebLogin error handling of empty usernames.
- Drop library support for base64-encoded token attributes (which was
never used by WebAuth).
- Drop webauth_info_{build,version} library APIs.
- Document Apache/Tomcat security interaction around URL parsing in
the mod_webauth manual. This affects any Apache security mechanism
used in conjunction with Tomcat.
* Bump libremctl-dev build dependency to >= 3.1 for consistent builds.
* Add Build-Depends-Package to the symbols file for better dependency
handling.
* Update standards version to 3.9.3 (no changes required).
.
webauth (4.0.2-1) unstable; urgency=low
.
* New upstream release.
- Fix setting of the REMOTE_USER preference cookie in WebLogin.
- Ignore undefined cookies in WebLogin to reduce error logs.
- Document factor codes in the mod_webauth manual.
* Remove ${shlibs:Depends} from libwebauth-dev dependencies to remove a
warning. This package won't contain compiled binaries.
Override entries for your package:
libapache2-webauth_4.1.0-1~bpo60+1_i386.deb - optional httpd
libapache2-webkdc_4.1.0-1~bpo60+1_i386.deb - optional httpd
libwebauth-dev_4.1.0-1~bpo60+1_i386.deb - extra libdevel
libwebauth-perl_4.1.0-1~bpo60+1_i386.deb - optional perl
libwebauth6_4.1.0-1~bpo60+1_i386.deb - optional libs
libwebkdc-perl_4.1.0-1~bpo60+1_all.deb - optional perl
webauth-tests_4.1.0-1~bpo60+1_all.deb - optional web
webauth-utils_4.1.0-1~bpo60+1_i386.deb - optional web
webauth-weblogin_4.1.0-1~bpo60+1_all.deb - optional web
webauth_4.1.0-1~bpo60+1.dsc - source web
Announcing to debian-backports-changes@lists.debian.org
Thank you for your contribution to backports.debian.org archive.
Reply to: