Accepted libapache2-mod-auth-mellon 0.14.2-1~bpo9+2 (source amd64) into stretch-backports->backports-policy, stretch-backports
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 22 Mar 2019 12:27:29 +0000
Source: libapache2-mod-auth-mellon
Binary: libapache2-mod-auth-mellon
Architecture: source amd64
Version: 0.14.2-1~bpo9+2
Distribution: stretch-backports
Urgency: high
Maintainer: Thijs Kinkhorst <thijs@debian.org>
Changed-By: Thijs Kinkhorst <thijs@debian.org>
Description:
libapache2-mod-auth-mellon - SAML 2.0 authentication module for Apache
Closes: 893957 925197
Changes:
libapache2-mod-auth-mellon (0.14.2-1~bpo9+2) stretch-backports; urgency=high
.
* Rebuild for stretch-backports.
.
libapache2-mod-auth-mellon (0.14.2-1) unstable; urgency=high
.
* New upstream security release. (closes: #925197)
- Auth bypass when used with reverse proxy [CVE-2019-3878]
- Open redirect vulnerability in logout [CVE-2019-3877]
.
libapache2-mod-auth-mellon (0.14.1-1) unstable; urgency=medium
.
[ Thijs Kinkhorst ]
* New upstream release.
* Declare the explicit requirement for (fake)root,
thanks Niels Thykier.
* Ship the mellon_create_metadata utility (closes: #893957).
* Update debhelper compatibility level to 11.
* Checked for policy 4.3.0, no changes.
.
[ Ondřej Nový ]
* d/copyright: Use https protocol in Format field
* d/changelog: Remove trailing whitespaces
Checksums-Sha1:
ed6a045159f425775c32a5bebf35484a6b282106 1775 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.dsc
c85a3b583005fccf182fde392408a6ae49c33f8d 3596 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.debian.tar.xz
0897d33a514750f4955bd714315c862d279bd89b 178810 libapache2-mod-auth-mellon-dbgsym_0.14.2-1~bpo9+2_amd64.deb
b4e75c2e204e898f68bd4aa8973c85bbf557c291 8817 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.buildinfo
deee6e6823260c115a34da2758ca04996d1352da 69048 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.deb
Checksums-Sha256:
70c98cdb81a4fd9986c9119e1670ae692a1ee594cf14d7ad74df59e70a7073b3 1775 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.dsc
35dd651dd84c95264e22c141a210afa49195a92a7140c6089af26605c0554b36 3596 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.debian.tar.xz
0a22c9c64e0441454ff8f135c698602981df25805dbb1e4009273a839618176e 178810 libapache2-mod-auth-mellon-dbgsym_0.14.2-1~bpo9+2_amd64.deb
3b0005f5d084988a3de49635871f29fb2171a012b90b7b3c35800a2192b75977 8817 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.buildinfo
a356271cfb469acd51b9247daadf2163f17342a019b79b45b8a58d6261aa9a44 69048 libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.deb
Files:
479fe3d3d38d298acfea2ed2eadb89be 1775 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.dsc
27b96a7ea69a1d76359248cc39c82e97 3596 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2.debian.tar.xz
6bfe7a79cc2ce733c868d597698cac21 178810 debug extra libapache2-mod-auth-mellon-dbgsym_0.14.2-1~bpo9+2_amd64.deb
3efc6896018a6b6f61ab19d07d17afd7 8817 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.buildinfo
151ae01cd5ba764f6d79acb6a82452a0 69048 web optional libapache2-mod-auth-mellon_0.14.2-1~bpo9+2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQFFBAEBCAAvFiEEeANVtepr/II1qZxLVvYaeUAdrAQFAlyZvpMRHHRoaWpzQGRl
Ymlhbi5vcmcACgkQVvYaeUAdrARIOAf+LEgo0JEkjZ5Wy/+CSy6hMk5qNOort5TS
caDHXvYfyOcvwpgtJHeXE1mZfEzLuRB3ORZF3a0+Wq01GyI5T1SRluS8Oj1SvJ7N
BhN98yxefi7ZMarmosNN1m/PlJnclZXkmvaIrcaU6ksZE1v/e9GINfGOfdB1qsiP
yG+kAQ2i4Nn7Ts4ur1usPWxGRTM01/2Fbe6+KT7X7nWkMx2V1TZtDl323+FgfnZm
rHNnc0ZmEl/ipkyt8Hn6LfazIlCGfYAqEHWbAQFPYkIZNN0LA+2vvLhf8mpaOyRa
KzNG9oQjsPgp2+2IgslehMsnlin9VWR8kYvLAHWbKeu7j/N0xPMCJA==
=/YLq
-----END PGP SIGNATURE-----
Reply to: