Olav Morken
62e0f423ac
Add changelog for 0.14.2
2019-03-21 14:58:27 +01:00
Olav Morken
e9771dc9b2
Add changes for 0.14.1
...
This patch addes the changelog for version 0.14.1.
2019-02-11 08:26:11 +01:00
Olav Morken
21f78ab060
Add release notes for version 0.14.0.
2018-03-16 08:21:38 +01:00
Olav Morken
262768ae19
NEWS: Add consistent whitespace between releases.
2018-03-16 08:21:38 +01:00
Olav Morken
8dafa59aa8
Fix segfault if POST replay is enabled but MellonPostDirectory is not set.
...
This patch fixes a segmentation fault when segmentation is enabled if
MellonPostDirectory is not set. This segmentation fault occurs when
trying to open the POSt directory.
The fix changes the behavior to log an error instead in this case.
2017-03-13 10:14:50 +01:00
Olav Morken
7af21c53da
Fix Cross-Site Session Transfer vulnerability
...
mod_auth_mellon did not verify that the site the session was created
for was the same site as the site the user accessed. This allows an
attacker with access to one web site on a server to use the same
session to get access to a different site running on the same server.
This patch fixes this vulnerability by storing the cookie parameters
used when creating the session in the session, and verifying those
parameters when the session is loaded.
Thanks to François Kooman for reporting this vulnerability.
This vulnerability has been assigned CVE-2017-6807.
2017-03-13 09:55:48 +01:00
Olav Morken
6b41d56927
Add beginning of NEWS file for version 0.13.1
2017-03-10 14:42:32 +01:00
Olav Morken
499b082598
Fix repeated word in NEWS file.
2017-02-22 07:29:20 +01:00
Olav Morken
6e2b4de2e0
Add NEWS file for version 0.13.0.
2017-02-22 07:17:44 +01:00
Olav Morken
f9d6555c36
Fix misspelling in "MellonRedirectDomains".
2016-03-09 10:45:28 +01:00
Olav Morken
76aaae421c
NEWS file for release 0.11.1.
2016-03-09 09:49:46 +01:00
Olav Morken
338c9ffb58
Add NEWS file for version 0.12.0.
2016-03-09 09:49:21 +01:00
Thijs Kinkhorst
c2612d5113
Some trivial typo fixes
2015-09-18 14:40:34 +00:00
Olav Morken
141bc62c42
Update NEWS.
2015-09-16 16:01:42 +02:00
Olav Morken
d9074c999e
Preliminary changelog for 0.11.0.
2015-09-03 14:47:16 +02:00
Jan Pazdziora
9c6b27c54e
MellonMergeEnvVars can now take second optional parameter to specify the separator.
2015-04-17 16:59:10 +02:00
Jan Pazdziora
24b9a2e8c6
Adding MellonEnvVarsSetCount functionality.
2015-04-16 11:02:21 +02:00
Jan Pazdziora
3e2f2af6c7
Adding MellonEnvVarsIndexStart functionality.
2015-04-15 10:59:21 +02:00
Olav Morken
c320bf5156
Update NEWS-file for version 0.10.0
2014-12-18 10:59:58 +01:00
Olav Morken
03db9ccf91
Include version 0.8.1 in the NEWS-file.
...
This release was branched from the 0.8.0-release, and was therefore
not included in the NEWS-file for the master-branch.
2014-12-18 10:59:16 +01:00
Olav Morken
bd3e53e55d
NEWS-file for 0.9.1.
2014-09-01 10:11:54 +02:00
Olav Morken
0f5b4fd860
Add NEWS-file for 0.9.0.
2014-08-27 15:37:48 +02:00
olavmrk
a887d8cb3c
Update news file and version number for version 0.8.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@238 a716ebb1-153a-0410-b759-cfb97c6a1b53
2014-06-24 08:24:36 +00:00
olavmrk
b3bafde048
NEWS-file for version 0.7.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@213 a716ebb1-153a-0410-b759-cfb97c6a1b53
2013-05-30 07:45:15 +00:00
manu@netbsd.org
1d2c882ba1
Add MellonSPentityId to control entityId in autogenerated metadata
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@205 a716ebb1-153a-0410-b759-cfb97c6a1b53
2013-04-15 14:54:38 +00:00
olavmrk
6eca192f66
NEWS file for version 0.6.1
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@203 a716ebb1-153a-0410-b759-cfb97c6a1b53
2013-03-22 11:44:07 +00:00
olavmrk
b7f159fb01
Update NEWS file.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@198 a716ebb1-153a-0410-b759-cfb97c6a1b53
2013-03-15 09:08:47 +00:00
olavmrk
5698151f02
Update NEWS file for version 0.6.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@189 a716ebb1-153a-0410-b759-cfb97c6a1b53
2013-03-06 12:54:28 +00:00
olavmrk
b6657e645e
Update NEWS-file for version 0.5.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@155 a716ebb1-153a-0410-b759-cfb97c6a1b53
2012-04-16 09:13:09 +00:00
manu@netbsd.org
9dfc3a92ef
Honour MellonProbeDiscoveryIdP order when sending probes
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@139 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-12-05 19:06:44 +00:00
olavmrk
50eeb484ce
Update news for version 0.4.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@131 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-05-18 10:49:37 +00:00
manu@netbsd.org
f0467bab7c
New MellonIdPMetadataGlob directive to load mulitple IdP metadata
...
using a glob(3) pattern.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@117 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-03-23 15:05:19 +00:00
manu@netbsd.org
000b791af8
New MellonCond directive to enable attribute filtering beyond MellonRequire
...
functionalities. Supports regexp, negations, and attribute name remapping
though MellonSetEnv
git-svn-id: https://modmellon.googlecode.com/svn/trunk@114 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-03-17 05:20:40 +00:00
manu@netbsd.org
99795c36c2
A /mellon/probeDisco endpoint replaces the builtin:get-metadata IdP
...
dicovery URL scheme. It is configured using the MellonProbeDiscoveryTimeout
and MellonProbeDiscoveryIdP directives.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@113 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-03-09 06:20:16 +00:00
manu@netbsd.org
3c822c774a
Allow MellonUser variable to be translated through MellonSetEnv
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@112 a716ebb1-153a-0410-b759-cfb97c6a1b53
2011-03-02 13:08:09 +00:00
olavmrk
beae36f11e
Version 0.3.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@104 a716ebb1-153a-0410-b759-cfb97c6a1b53
2010-08-12 11:06:32 +00:00
manu@netbsd.org
6d2d83d8f8
Shibboleth 2 interoperability. This is acchieved by increasing the
...
storage for attributes, as OID-named attributes sent by the Shibboleth
IdP consomes quite some space.
There is also a required Destination attribute in AuthnRequest elements.
It is done by trunk version of lasso, but not by any currently released
version, hence we do if it is not done.
git-svn-id: https://modmellon.googlecode.com/svn/trunk@85 a716ebb1-153a-0410-b759-cfb97c6a1b53
2010-05-31 11:19:26 +00:00
manu@netbsd.org
40950a7b66
Optionaly ave the remote IdP entityId in the environment
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@84 a716ebb1-153a-0410-b759-cfb97c6a1b53
2010-05-31 11:15:49 +00:00
olavmrk
f9de5380ec
Version 0.2.6
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@78 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-12-21 14:06:29 +00:00
olavmrk
3dd79b7cc2
Version 0.2.5
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@73 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-11-16 09:20:06 +00:00
manu@netbsd.org
24d4e22219
Replay POST requets after been sent to the IdP
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@67 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-11-09 13:46:28 +00:00
olavmrk
727a602582
Version 0.2.4
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@66 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-08-11 13:52:06 +00:00
olavmrk
e56fed8e02
Version 0.2.3
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@63 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-08-07 12:57:02 +00:00
manu@netbsd.org
94926d954a
Bump to 0.2.2
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@58 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-06-15 14:10:23 +00:00
manu@netbsd.org
f79b9efaca
Bump to 0.2.1
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@53 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-06-05 20:17:14 +00:00
olavmrk
ec12ba32a5
Version 0.2.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@47 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-05-13 06:44:04 +00:00
olavmrk
b5e1926a71
Version 0.1.1
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@42 a716ebb1-153a-0410-b759-cfb97c6a1b53
2009-03-06 08:34:29 +00:00
olavmrk
580f77f379
Updated NEWS file in preparation of version 0.1.0.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@38 a716ebb1-153a-0410-b759-cfb97c6a1b53
2008-11-11 21:05:50 +00:00
olavmrk
f46ef739dc
Added previous change to NEWS file.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@24 a716ebb1-153a-0410-b759-cfb97c6a1b53
2007-12-11 08:00:06 +00:00
olavmrk
80aa9b0ff0
Increased maximum Lasso session size.
...
git-svn-id: https://modmellon.googlecode.com/svn/trunk@22 a716ebb1-153a-0410-b759-cfb97c6a1b53
2007-10-26 13:37:54 +00:00