Revisions of apache2-mod_auth_openidc

Ana Guerrero (anag+factory) accepted request 1147523 from Petr Gajdos (pgajdos) (revision 30)
- Update to 2.4.15.3:
  * for the complete list of changes, please have a look at ChangeLog
- Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set
  and a crafted Cookie header is supplied, bsc#1219911 (forwarded request 1147162 from dspinella)

Dominique Leuenberger (dimstar_suse) accepted request 914953 from Petr Gajdos (pgajdos) (revision 22)
 (forwarded request 914952 from dspinella)

Dominique Leuenberger (dimstar_suse) accepted request 913945 from Petr Gajdos (pgajdos) (revision 21)
- use declared tarball

- update to 2.4.9.2
  * Bugfixes
    - fix graceful restart (regression); see #458
  * Features
    - preserve session cookie in the event of a cache backend failure
    - update the id_token in the session cache if one is provided while
      refreshing the access token

Richard Brown (RBrownSUSE) accepted request 912383 from Petr Gajdos (pgajdos) (revision 20)
- update to 2.4.9.1
  fix retried Redis commands after a reconnect; see #642 (forwarded request 912043 from stroeder)

Dominique Leuenberger (dimstar_suse) accepted request 884568 from Petr Gajdos (pgajdos) (revision 16)
- test package

- fix installation path on Factory (boo#1184572)
- switch to bootstrapped tarball
- package the license, docs and sample config

Richard Brown (RBrownSUSE) accepted request 883176 from Petr Gajdos (pgajdos) (revision 15)
Update to version 2.4.7 (forwarded request 883107 from stroeder)

Richard Brown (RBrownSUSE) accepted request 873294 from Petr Gajdos (pgajdos) (revision 14)
- re-download tarball

- Update to version 2.4.6
  * Bugfixes
    - don't set SameSite=None on cookies when on plain http
    - fix semaphore cleanup on graceful restarts; see #522
    - fix inconsistent public/private keys loading order; closes #515
    - return HTTP 400 Bad Request instead of 500 Internal Server Error when state cookie matching fails
    - optimize Redis AUTH execution once per connection
    - avoid segmentation fault when hitting an endpoint configured with
      AuthType openid-connect in an OAuth 2.0 only setup; see #529
    - make sure the module compiles with Apache 2.2 for passphrase exec:
  * Features
    - add Redis database selection option with OIDCRedisCacheDatabase; closes #423
    - add base64url option to OIDCPassClaimsAs primitive; closes #417
    - add environment variable to control libcURL CURLOPT_SSL_OPTIONS behaviors e.g.:
    - SetEnvIfExpr true CURLOPT_SSL_OPTIONS=CURLSSLOPT_NO_REVOKE
    - removed support for https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state
  * Security
    - avoid displaying the client_secret in debug logs
  * Dependencies
    - libcjose >= 0.5.1

Dominique Leuenberger (dimstar_suse) accepted request 833400 from Petr Gajdos (pgajdos) (revision 12)
- Update to version 2.4.4.1
  * Bugfixes
    - add SameSite=None attribute on cookie clearance / logout and make sure it works in OP iframes
  * Packaging
    - the libcjose >= 0.5.1 binaries that this module depends on are available from the "Assets" section in release 2.4.0 (forwarded request 833319 from stroeder)
Displaying revisions 1 - 20 of 31