Revisions of apache2-mod_auth_openidc
Ana Guerrero (anag+factory)
accepted
request 1147523
from
Petr Gajdos (pgajdos)
(revision 30)
- Update to 2.4.15.3: * for the complete list of changes, please have a look at ChangeLog - Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set and a crafted Cookie header is supplied, bsc#1219911 (forwarded request 1147162 from dspinella)
Dominique Leuenberger (dimstar_suse)
accepted
request 1044612
from
Danilo Spinella (dspinella)
(revision 28)
Dominique Leuenberger (dimstar_suse)
accepted
request 1036637
from
Danilo Spinella (dspinella)
(revision 27)
Dominique Leuenberger (dimstar_suse)
accepted
request 1029694
from
Kristyna Streitova (kstreitova)
(revision 26)
Dominique Leuenberger (dimstar_suse)
accepted
request 998851
from
Danilo Spinella (dspinella)
(revision 25)
Richard Brown (RBrownFactory)
accepted
request 991565
from
Danilo Spinella (dspinella)
(revision 24)
Dominique Leuenberger (dimstar_suse)
accepted
request 917070
from
Danilo Spinella (dspinella)
(revision 23)
Dominique Leuenberger (dimstar_suse)
accepted
request 914953
from
Petr Gajdos (pgajdos)
(revision 22)
(forwarded request 914952 from dspinella)
Dominique Leuenberger (dimstar_suse)
accepted
request 913945
from
Petr Gajdos (pgajdos)
(revision 21)
- use declared tarball - update to 2.4.9.2 * Bugfixes - fix graceful restart (regression); see #458 * Features - preserve session cookie in the event of a cache backend failure - update the id_token in the session cache if one is provided while refreshing the access token
Richard Brown (RBrownSUSE)
accepted
request 912383
from
Petr Gajdos (pgajdos)
(revision 20)
- update to 2.4.9.1 fix retried Redis commands after a reconnect; see #642 (forwarded request 912043 from stroeder)
Dominique Leuenberger (dimstar_suse)
accepted
request 907973
from
Danilo Spinella (dspinella)
(revision 19)
Dominique Leuenberger (dimstar_suse)
accepted
request 894145
from
Kristyna Streitova (kstreitova)
(revision 18)
Dominique Leuenberger (dimstar_suse)
accepted
request 884568
from
Petr Gajdos (pgajdos)
(revision 16)
- test package - fix installation path on Factory (boo#1184572) - switch to bootstrapped tarball - package the license, docs and sample config
Richard Brown (RBrownSUSE)
accepted
request 883176
from
Petr Gajdos (pgajdos)
(revision 15)
Update to version 2.4.7 (forwarded request 883107 from stroeder)
Richard Brown (RBrownSUSE)
accepted
request 873294
from
Petr Gajdos (pgajdos)
(revision 14)
- re-download tarball - Update to version 2.4.6 * Bugfixes - don't set SameSite=None on cookies when on plain http - fix semaphore cleanup on graceful restarts; see #522 - fix inconsistent public/private keys loading order; closes #515 - return HTTP 400 Bad Request instead of 500 Internal Server Error when state cookie matching fails - optimize Redis AUTH execution once per connection - avoid segmentation fault when hitting an endpoint configured with AuthType openid-connect in an OAuth 2.0 only setup; see #529 - make sure the module compiles with Apache 2.2 for passphrase exec: * Features - add Redis database selection option with OIDCRedisCacheDatabase; closes #423 - add base64url option to OIDCPassClaimsAs primitive; closes #417 - add environment variable to control libcURL CURLOPT_SSL_OPTIONS behaviors e.g.: - SetEnvIfExpr true CURLOPT_SSL_OPTIONS=CURLSSLOPT_NO_REVOKE - removed support for https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state * Security - avoid displaying the client_secret in debug logs * Dependencies - libcjose >= 0.5.1
Dominique Leuenberger (dimstar_suse)
accepted
request 850781
from
Kristyna Streitova (kstreitova)
(revision 13)
Dominique Leuenberger (dimstar_suse)
accepted
request 833400
from
Petr Gajdos (pgajdos)
(revision 12)
- Update to version 2.4.4.1 * Bugfixes - add SameSite=None attribute on cookie clearance / logout and make sure it works in OP iframes * Packaging - the libcjose >= 0.5.1 binaries that this module depends on are available from the "Assets" section in release 2.4.0 (forwarded request 833319 from stroeder)
Displaying revisions 1 - 20 of 31