[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted webauth 4.5.0-1 (source i386 all)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 26 Apr 2013 15:21:08 -0700
Source: webauth
Binary: libapache2-mod-webauth libapache2-mod-webkdc libapache2-webauth libapache2-webkdc libwebauth-perl libwebauth10 libwebauth-dev libwebkdc-perl webauth-tests webauth-utils webauth-weblogin
Architecture: source i386 all
Version: 4.5.0-1
Distribution: experimental
Urgency: low
Maintainer: Russ Allbery <rra@debian.org>
Changed-By: Russ Allbery <rra@debian.org>
Description: 
 libapache2-mod-webauth - Apache modules for WebAuth authentication
 libapache2-mod-webkdc - Apache modules for a WebAuth authentication KDC
 libapache2-webauth - Transitional package for WebAuth Apache modules
 libapache2-webkdc - Transitional package for WebAuth authentication KDC
 libwebauth-dev - Development files for WebAuth authentication
 libwebauth-perl - Perl library for WebAuth authentication
 libwebauth10 - Shared libraries for WebAuth authentication
 libwebkdc-perl - Perl libraries for WebAuth central login server
 webauth-tests - Tests for the WebAuth authentication modules
 webauth-utils - Command-line utilities for WebAuth authentication
 webauth-weblogin - Central login server for WebAuth authentication
Closes: 705557
Changes: 
 webauth (4.5.0-1) experimental; urgency=low
 .
   * New upstream release.
     - WebLogin now supports indicating, on the login form template,
       whether to create single sign-on cookies.  The default form sends a
       parameter saying to do so, but the default behavior is to not create
       the cookies.  This will require a template change for most WebLogin
       deployments.
     - Revert change in WebAuthForceLogin interpretation introduced in
       WebAuth 4.4.0.  It once again requires authentication with a login
       token.  Document that it will not work well with authorization
       identities set after authentication.
     - Fix password change handling in WebLogin, broken since 4.4.0.
     - Fix reporting of password rejection reasons, broken since 4.3.0.
     - mod_webauth and mod_webkdc now produce much better error logs.
     - Initial multifactor no longer satisfies a requirement for random
       session multifactor, correcting a long-standing bug.
     - New WebAuthLdapOperationalAttribute directive for mod_webauthldap
       that allows inclusion of operational attributes in the environment.
     - WebLogin no longer supports obtaining the password expiration from a
       kadmin-remctl backend via a direct remctl call.  Instead, it uses
       the value from the WebKDC, which comes from the user information
       service.
     - The WebLogin confirmation page supports a new expire_timestamp
       variable, which contains the password expiration in seconds since
       UNIX epoch.  This should be used instead of the (deprecated)
       expire_date variable since it isn't preformatted and can therefore
       be localized.  See the sample confirm.tmpl template for how to
       format the date for display.
     - New support for persistent cookies containing additional factors,
       controlled by the user information service.
     - The WebKDC now passes the user's current factors to the user
       information service as an additional parameter to the userinfo
       call, which can be used to change behavior based on whether the user
       has persistent factors set.
     - The user information service can now return a specific set of
       required factors instead of just indicating multifactor is required.
     - The user information service can return a message for display in
       the multifactor authentication page in WebLogin (and that has been
       added to the default templates).
     - The user information service can, in both the userinfo and validate
       calls, return an opaque data structure to WebLogin, and WebLogin can
       send an opaque data structre back in the validate call.  This allows
       for multistep multifactor interactions outside of WebAuth's
       knowledge, such as resynchronization of hardware tokens.
     - The user information service can add factors to a user's successful
       interactive authentication.
     - WebLogin and the multifactor page template now receive a list of the
       factors a user needs but doesn't yet have, instead of just a
       complete list of the desired factors.
     - WebLogin can now tell the WebKDC and, in turn, the user information
       service what type of OTP authentication was used, if it knows.
     - The user information service can indicate the expiration time of
       factors resulting from an OTP authentication.
     - Errors in contacting the user information service are now logged
       even if the WebKDC is configured to ignore those errors.
     - Multiple changes to the libwebauth API, most notably revisions to
       the webkdc_login and userinfo APIs and a new opaque factors data
       type.
     - mod_webkdc no longer supports obtaining proxy tokens via a
       <getTokenRequest> call.  This was never used and is conceptually
       useless.
     - undef arguments to Perl XS functions are now properly diagnosed.
   * Fix some incorrect URLs in the webauth-tests package that were left
     over from the test suite rewrite.
   * Use an uppercase realm name in the token.acl example in README.Debian
     for libapache2-mod-webkdc.  Nearly all Kerberos realms will be
     uppercase and the realm is case-sensitive.  Thanks to Lisandro Damián
     Nicanor Pérez Meyer for the report.  (Closes: #705557)
Checksums-Sha1: 
 4ce80809b249e5d23d7c67236ce101c204752bff 2751 webauth_4.5.0-1.dsc
 f6c8a03d7659dee240b43c728a99603fe70cd627 860500 webauth_4.5.0.orig.tar.xz
 00f04b95ec9a6abdb3ff95b8454f05c84863f3dc 26560 webauth_4.5.0-1.debian.tar.xz
 d737ae4ae9a93645aeaffdd5fe502c3ed8d835f5 241190 libapache2-mod-webauth_4.5.0-1_i386.deb
 4425cf3a08eafc2c638531854485af2b278eeb33 106178 libapache2-mod-webkdc_4.5.0-1_i386.deb
 68a1121cc567a9175ec72ce0f97234c8e467a819 47878 libapache2-webauth_4.5.0-1_all.deb
 66f8d31f3137be56da3c1c541581b463a4a118dd 47262 libapache2-webkdc_4.5.0-1_all.deb
 4cea6418af0a0ff01ba0e4deedd413227377be4b 141824 libwebauth-perl_4.5.0-1_i386.deb
 734fe95d2c7a926b1a1870799240ad7a68ceb719 81864 libwebauth10_4.5.0-1_i386.deb
 cd1d2f8368e8469e828d547d288b4414a977492e 96844 libwebauth-dev_4.5.0-1_i386.deb
 c01750a07dc6d328ad13e905311bc81a20e8763d 114896 libwebkdc-perl_4.5.0-1_all.deb
 e56347de13e514e9074a79e40d0c78ab2626d659 58090 webauth-tests_4.5.0-1_all.deb
 e46e857b7c3a8d502252c6e4fd16d7637eae7ccc 56434 webauth-utils_4.5.0-1_i386.deb
 1129610af403f2c19b108e924cd86c31c6e84ba4 115676 webauth-weblogin_4.5.0-1_all.deb
Checksums-Sha256: 
 750959bd8ced5d1c59f03bc7a6f0fce00671d840a19c0e04dea60e8ccd9c93b9 2751 webauth_4.5.0-1.dsc
 e7a247807ea0e6a99b348ddbbe1ed8bfb65346ff6545fbc458e7163fd532d1e8 860500 webauth_4.5.0.orig.tar.xz
 5a532b1fd7dafeda3bbb265da3469352696f052d071206ffb618c3cac76601da 26560 webauth_4.5.0-1.debian.tar.xz
 b8df1fb4b5c97174ecb32725dd77e4bf02246fd14a35735ac4336096f3f06756 241190 libapache2-mod-webauth_4.5.0-1_i386.deb
 84c14f60a6e7343cf2282c6c3ab379a5c0e3301944cb34f88e27b6aec607b79c 106178 libapache2-mod-webkdc_4.5.0-1_i386.deb
 635ebdf4f3f977bf84940d7987cd27500a35f936b73b0347609a23139cda7dbe 47878 libapache2-webauth_4.5.0-1_all.deb
 6b2a62658a02a60b25f71edca98d64cb790a59358cb252118bba4c8ade764d15 47262 libapache2-webkdc_4.5.0-1_all.deb
 2286286c29e023e3fbae41aedd06a2accf927fc3f9c5bfb04dc2f264ba906218 141824 libwebauth-perl_4.5.0-1_i386.deb
 8230dac161fbe6471d89981e9ff12dede2f25e8c2942a307c7bc8be1c4d1d632 81864 libwebauth10_4.5.0-1_i386.deb
 cac00e0a017339bc4ff53a7186fcf8d1dcd87d2a798dddd53114a8f7093fc935 96844 libwebauth-dev_4.5.0-1_i386.deb
 7883bb9b397e471f1d35c014c9ae04e5fc79d78efb9b64330e1173ea5defcac5 114896 libwebkdc-perl_4.5.0-1_all.deb
 a00e473a5ed2f560360327f0db617414ee5d3c8f98207704ca9c6056c857be34 58090 webauth-tests_4.5.0-1_all.deb
 a5b1dc6564850ad6e54b1e3b196c673634500a7d967d297cb18e301f508020ad 56434 webauth-utils_4.5.0-1_i386.deb
 80036679189d8dafa779cac2785638c8633a036c9747c879b172a89728572f34 115676 webauth-weblogin_4.5.0-1_all.deb
Files: 
 d60a46c4198bd44fc87248f44ab1d17b 2751 web optional webauth_4.5.0-1.dsc
 f9dd23195525f8b91219040e06754c68 860500 web optional webauth_4.5.0.orig.tar.xz
 1b1bed4aada80363da34fd970d37f6af 26560 web optional webauth_4.5.0-1.debian.tar.xz
 79a114cad20185a022a3e68476c10af9 241190 httpd optional libapache2-mod-webauth_4.5.0-1_i386.deb
 68cf6d9e74d52788a5182906795eeba5 106178 httpd optional libapache2-mod-webkdc_4.5.0-1_i386.deb
 8e2af837f5150b210621c1dbd75e7818 47878 oldlibs extra libapache2-webauth_4.5.0-1_all.deb
 d821da562b4d8dad8a9dd6a1bced4457 47262 oldlibs extra libapache2-webkdc_4.5.0-1_all.deb
 c3adad3053a1c37718392886c2c1c6c1 141824 perl optional libwebauth-perl_4.5.0-1_i386.deb
 6e408b0fe1f6e368e8730e4642d1c933 81864 libs optional libwebauth10_4.5.0-1_i386.deb
 648d69c3b7f6ccdcfe13fee3b58881b2 96844 libdevel extra libwebauth-dev_4.5.0-1_i386.deb
 b0b709889dab1cfed25bd3afbfc6dca2 114896 perl optional libwebkdc-perl_4.5.0-1_all.deb
 8ea77dd374eb1c30ef42e5591da7baa7 58090 web optional webauth-tests_4.5.0-1_all.deb
 a97442088f6b465d341618aba8899904 56434 web optional webauth-utils_4.5.0-1_i386.deb
 192796048d9d1ad8dbece6acacb308b3 115676 web optional webauth-weblogin_4.5.0-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBCAAGBQJRewXHAAoJEH2AMVxXNt51sKIH/iZYrN2RNJ0HrOzaxJRWZh4z
lYZyxvklMF8IhpUU48IYZ0+seYcvW+jftRh9HBMLFnuFbKNCdKCBpnvq9z0U84ca
9l3j0gTTVK21EDkTJANtO6PR07n5CNODso+U1Ii9cmhwnCkHnDO5bepgzd2EBmHx
uRrIgHyKH4sSS4tdzsau19YPMxRVRVwF1XI7Dxkmhvs0DbXmAwlX/o585JQiqfqa
IcWe2v6hpfqRsh5TT4olVnToyAkcrrTP0PY4tqoDwa7E0toXbbFG/5ImmgSLc5tz
fOguroaKUkx6OsU2SRDU6hooa1thUH96ma20mr4a1sDxhqKbehot2tO3DAQ837E=
=fQCZ
-----END PGP SIGNATURE-----
Reply to: