Overview
Request 873294 accepted
- re-download tarball
- Update to version 2.4.6
* Bugfixes
- don't set SameSite=None on cookies when on plain http
- fix semaphore cleanup on graceful restarts; see #522
- fix inconsistent public/private keys loading order; closes #515
- return HTTP 400 Bad Request instead of 500 Internal Server Error when state cookie matching fails
- optimize Redis AUTH execution once per connection
- avoid segmentation fault when hitting an endpoint configured with
AuthType openid-connect in an OAuth 2.0 only setup; see #529
- make sure the module compiles with Apache 2.2 for passphrase exec:
* Features
- add Redis database selection option with OIDCRedisCacheDatabase; closes #423
- add base64url option to OIDCPassClaimsAs primitive; closes #417
- add environment variable to control libcURL CURLOPT_SSL_OPTIONS behaviors e.g.:
- SetEnvIfExpr true CURLOPT_SSL_OPTIONS=CURLSSLOPT_NO_REVOKE
- removed support for https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state
* Security
- avoid displaying the client_secret in debug logs
* Dependencies
- libcjose >= 0.5.1
Request History
pgajdos created request
- re-download tarball
- Update to version 2.4.6
* Bugfixes
- don't set SameSite=None on cookies when on plain http
- fix semaphore cleanup on graceful restarts; see #522
- fix inconsistent public/private keys loading order; closes #515
- return HTTP 400 Bad Request instead of 500 Internal Server Error when state cookie matching fails
- optimize Redis AUTH execution once per connection
- avoid segmentation fault when hitting an endpoint configured with
AuthType openid-connect in an OAuth 2.0 only setup; see #529
- make sure the module compiles with Apache 2.2 for passphrase exec:
* Features
- add Redis database selection option with OIDCRedisCacheDatabase; closes #423
- add base64url option to OIDCPassClaimsAs primitive; closes #417
- add environment variable to control libcURL CURLOPT_SSL_OPTIONS behaviors e.g.:
- SetEnvIfExpr true CURLOPT_SSL_OPTIONS=CURLSSLOPT_NO_REVOKE
- removed support for https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state
* Security
- avoid displaying the client_secret in debug logs
* Dependencies
- libcjose >= 0.5.1
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
dimstar_suse added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:46"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:adi:46"
dimstar accepted review
licensedigger accepted review
The legal review is accepted preliminary. The package may require actions later on.
RBrownSUSE accepted review
Staging Project openSUSE:Factory:Staging:adi:46 got accepted.
RBrownSUSE approved review
Staging Project openSUSE:Factory:Staging:adi:46 got accepted.
RBrownSUSE accepted request
Staging Project openSUSE:Factory:Staging:adi:46 got accepted.
