Skip to content

Changelog libapache2-mod-auth-openidc (2.3.3-1build1)

2018

libapache2-mod-auth-openidc (2.3.3-1build1) bionic; urgency=medium

   * No-change rebuild against libcurl4

libapache2-mod-auth-openidc (2.3.3-1) unstable; urgency=medium

   * New upstream version 2.3.3
   * Update debian/control

2017

libapache2-mod-auth-openidc (2.3.2-1) unstable; urgency=medium

   * New upstream version 2.3.2
   * link against openssl 1.1 (closes: #858993)

libapache2-mod-auth-openidc (2.3.1-2) unstable; urgency=medium

   * Fix maintainer script generation to enable/disable the module on
     installation and removal. This is safe to do because the example
     configuration does not do anything.
     This also closes: #868949 since it actually restarts Apache2 after
     enabling the module.

libapache2-mod-auth-openidc (2.3.1-1) unstable; urgency=medium

   * New upstream version 2.3.1

libapache2-mod-auth-openidc (2.1.6-1) unstable; urgency=high

   * New upstream version 2.1.6
     "This is a security release:
     Those using AuthType oauth20 together with applications that interpret
     headers set by mod_auth_openidc on paths that disclose sensitive
     information are affected and should upgrade."

libapache2-mod-auth-openidc (2.1.5-1) unstable; urgency=high

   * Imported Upstream version 2.1.5
     fixes two security issues:
     https://github.com/pingidentity/mod_auth_openidc/issues/212
     https://github.com/pingidentity/mod_auth_openidc/issues/222

libapache2-mod-auth-openidc (2.1.3-1) unstable; urgency=medium

   * Fix watch file
   * New upstream version 2.1.3
   * Fix lintian warning:
     apache2-module-depends-on-real-apache2-package

libapache2-mod-auth-openidc (2.1.2-2) unstable; urgency=medium

   * new upload excluding archs which don't build

2016

libapache2-mod-auth-openidc (2.1.2-1) unstable; urgency=medium

   * add Vcs Tags to control
   * Imported Upstream version 2.1.2

libapache2-mod-auth-openidc (1.8.10.1-1.2) unstable; urgency=medium

   * NMU: change depends to libssl1.0 to make it build again with apache
     (closes: # 844803)

libapache2-mod-auth-openidc (1.8.10.1-1.1) unstable; urgency=medium

   * NMU: fix watch file
   * fix openssl 1.1 FTBS (closes: #828380)
     patch from https://github.com/pingidentity/mod_auth_openidc/commit/82ee7cf68811662e93f9aea9b9a10beb095ee3df

libapache2-mod-auth-openidc (1.8.10.1-1) unstable; urgency=medium

   * fix Elliptic Curve signature verification

libapache2-mod-auth-openidc (1.8.10-1) unstable; urgency=medium

   * build with OpenSSL 1.1.0

libapache2-mod-auth-openidc (1.8.9-1) unstable; urgency=medium

   * improve X-Forwarded-Host handling over Host

libapache2-mod-auth-openidc (1.8.8-1) unstable; urgency=medium

   * pass bearer token in alternative ways

libapache2-mod-auth-openidc (1.8.7-1) unstable; urgency=medium

   * tighten up protocol checks

2015

libapache2-mod-auth-openidc (1.8.6-1) unstable; urgency=medium

   * add cookie-domain check

libapache2-mod-auth-openidc (1.8.5-1) unstable; urgency=medium

   * HTTP-based logout

libapache2-mod-auth-openidc (1.8.4-1) unstable; urgency=medium

   * allow for compilation on MS Windows

libapache2-mod-auth-openidc (1.8.3-1) unstable; urgency=medium

   * remove accounts.google.com exceptions

libapache2-mod-auth-openidc (1.8.2-1) unstable; urgency=medium

   * Elliptic Curve fixes

libapache2-mod-auth-openidc (1.8.1-1) unstable; urgency=medium

   * avoid timing attacks; build with OpenSSL < 1.0

libapache2-mod-auth-openidc (1.8.0-1) unstable; urgency=medium

   * enable local JWT validation

libapache2-mod-auth-openidc (1.7.3-1) unstable; urgency=medium

   * fix symmetric key decryption of JWTs

libapache2-mod-auth-openidc (1.7.2-1) unstable; urgency=medium

   * add support for OIDCOAuthIntrospectionTokenParamName

2014

libapache2-mod-auth-openidc (1.7.1-1) unstable; urgency=medium

   * Redis reconnect, OIDCCacheShmEntrySizeMax, OIDCReturn401, OIDCPassCookies

libapache2-mod-auth-openidc (1.7.0-1) unstable; urgency=medium

   * Redis caching, refresh flow, token introspection

libapache2-mod-auth-openidc (1.6.0-1) unstable; urgency=medium

   * new upstream release; add libssl-dev dependency

libapache2-mod-auth-openidc (1.5.5-1) unstable; urgency=medium

   * use HttpOnly on cookies; set OIDCCookiePath to /

libapache2-mod-auth-openidc (1.5.4-3) unstable; urgency=medium

   * changelog line was too long; correct/simplify watch file

libapache2-mod-auth-openidc (1.5.4-2) unstable; urgency=medium

   * correct debian directory for wheezy/jessie; watch file check .orig.tar.gz

libapache2-mod-auth-openidc (1.5.4-1) unstable; urgency=medium

   * fix big endian issue

libapache2-mod-auth-openidc (1.5.3-2) unstable; urgency=medium

   * build/test on big endian arch

libapache2-mod-auth-openidc (1.5.3-1) unstable; urgency=medium

   * fix initialization leak

libapache2-mod-auth-openidc (1.5.2-1) unstable; urgency=medium

   * fix OAuth 2.0 authorization and passes JSON claims in HTTP headers

libapache2-mod-auth-openidc (1.5.1-1) unstable; urgency=medium

   * add pkg-config to Build-Depends

libapache2-mod-auth-openidc (1.5-6) unstable; urgency=medium

   * drop lintian-overrides

libapache2-mod-auth-openidc (1.5-5) unstable; urgency=medium

   * support both Apache 2.2 and 2.4 config layouts

libapache2-mod-auth-openidc (1.5-4) unstable; urgency=medium

   * include .postinst script for setting permissions

libapache2-mod-auth-openidc (1.5-3) unstable; urgency=medium

   * more Debian packaging fixes

libapache2-mod-auth-openidc (1.5-2) unstable; urgency=medium

   * include original source

libapache2-mod-auth-openidc (1.5-1) unstable; urgency=medium

   * use Debian non-native packaging

libapache2-mod-auth-openidc (1.5) unstable; urgency=medium

   * switch to JSON parser jansson

libapache2-mod-auth-openidc (1.4) unstable; urgency=medium

   * OpenSSL fixes

libapache2-mod-auth-openidc (1.3) unstable; urgency=medium

   * fix running on non-standard port

libapache2-mod-auth-openidc (1.2) unstable; urgency=medium

   * session timeout handling, use shared memory as cache by default

libapache2-mod-auth-openidc (1.1) unstable; urgency=low

   * add issuer to REMOTE_USER; included INSTALL

libapache2-mod-auth-openidc (1.0.1) unstable; urgency=low

   * fix Require keyword issue for Apache 2.4

libapache2-mod-auth-openidc (1.0) unstable; urgency=low

   * Initial release under new name and flag.