Change log for libapache2-mod-auth-mellon package in Debian

libapache2-mod-auth-mellon (0.19.0-1) unstable; urgency=medium

  [ Thijs Kinkhorst ]
  * New upstream release. 

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Bump debhelper from old 12 to 13.
  * Set debhelper-compat version in Build-Depends.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
  * Set upstream metadata fields: Repository.

 -- Thijs Kinkhorst <email address hidden>  Sat, 13 Jan 2024 14:29:22 +0000

Available diffs

• diff from 0.18.1-1 to 0.19.0-1 (10.8 KiB)

libapache2-mod-auth-mellon (0.18.1-1) unstable; urgency=medium

  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Tue, 03 Jan 2023 10:57:05 +0000

Available diffs

• diff from 0.18.0-1build1 (in ~ci-train-ppa-service/ubuntu/4813-deletedppa) to 0.18.1-1 (44.0 KiB)

libapache2-mod-auth-mellon (0.17.0-1+deb11u1) bullseye; urgency=medium

  * Upload to fix security issue:
    - Open redirect in logout endpoint (CVE-2021-3639)

 -- Thijs Kinkhorst <email address hidden>  Tue, 06 Dec 2022 20:12:37 +0100

libapache2-mod-auth-mellon (0.18.0-1) unstable; urgency=medium

  * New upstream release (closes: #991730).
    - Fixes security issue CVE-2019-13038: open redirect.

 -- Thijs Kinkhorst <email address hidden>  Fri, 06 Aug 2021 19:16:38 +0000

Available diffs

• diff from 0.17.0-1ubuntu2 (in Ubuntu) to 0.18.0-1 (45.8 KiB)

libapache2-mod-auth-mellon (0.17.0-1) unstable; urgency=medium

  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Tue, 08 Sep 2020 10:56:41 +0000

Available diffs

• diff from 0.16.0-1 to 0.17.0-1 (10.1 KiB)

libapache2-mod-auth-mellon (0.16.0-1) unstable; urgency=high

  * New upstream release. 

 -- Thijs Kinkhorst <email address hidden>  Tue, 28 Jan 2020 15:25:41 +0000

Available diffs

• diff from 0.14.2-1ubuntu2 (in Ubuntu) to 0.16.0-1 (13.9 KiB)

libapache2-mod-auth-mellon (0.15.0-1) unstable; urgency=medium

  * New upstream release.
    - Fixes security issue CVE-2019-13038 (closes: #931265).
  * Build with diagnostics enabled; this can be switched on at
    runtime with the Apache directives MellonDiagnosticsEnable and
    MellonDiagnosticsFile (closes: #931562).
  * Relocated upstream, updated URLs and copyrights.
  * Packaging cleanups: change section to HTTPD, bump debhelper
    level to 12, standards-version to 4.5.0.

 -- Thijs Kinkhorst <email address hidden>  Mon, 27 Jan 2020 10:41:36 +0000

libapache2-mod-auth-mellon (0.12.0-2+deb9u1) stretch-security; urgency=high

  * Upload to stable-security (closes: #925197)
    - Auth bypass when used with reverse proxy [CVE-2019-3878]
    - Open redirect vulnerability in logout [CVE-2019-3877]

 -- Thijs Kinkhorst <email address hidden>  Sat, 23 Mar 2019 13:29:19 +0000

libapache2-mod-auth-mellon (0.14.2-1) unstable; urgency=high

  * New upstream security release. (closes: #925197)
    - Auth bypass when used with reverse proxy [CVE-2019-3878]
    - Open redirect vulnerability in logout [CVE-2019-3877]

 -- Thijs Kinkhorst <email address hidden>  Fri, 22 Mar 2019 12:10:11 +0000

Available diffs

• diff from 0.14.1-1 to 0.14.2-1 (2.9 KiB)

libapache2-mod-auth-mellon (0.14.1-1) unstable; urgency=medium

  [ Thijs Kinkhorst ]
  * New upstream release.
  * Declare the explicit requirement for (fake)root,
    thanks Niels Thykier.
  * Ship the mellon_create_metadata utility (closes: #893957).
  * Update debhelper compatibility level to 11.
  * Checked for policy 4.3.0, no changes.

  [ Ondřej Nový ]
  * d/copyright: Use https protocol in Format field
  * d/changelog: Remove trailing whitespaces

 -- Thijs Kinkhorst <email address hidden>  Mon, 11 Feb 2019 08:44:03 +0000

Available diffs

• diff from 0.14.0-1 to 0.14.1-1 (6.7 KiB)

libapache2-mod-auth-mellon (0.14.0-1) unstable; urgency=medium

  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Fri, 16 Mar 2018 08:55:49 +0000

Available diffs

• diff from 0.13.1-1build2 (in Ubuntu) to 0.14.0-1 (483.3 KiB)

libapache2-mod-auth-mellon (0.13.1-1) unstable; urgency=medium

  * New upstream release.
    - Obsoles backported security patches.
  * Checked for policy 4.0.0, no changes necessary.

 -- Thijs Kinkhorst <email address hidden>  Sun, 09 Jul 2017 14:13:45 +0000

Available diffs

• diff from 0.12.0-2 to 0.13.1-1 (14.9 KiB)

libapache2-mod-auth-mellon (0.12.0-2) unstable; urgency=high

  * Backport upstream patches for security issues:
    - Fix a denial of service attack in the logout handler.
    - Fix a cross-site session transfer vulnerability [CVE-2017-6807]. 

 -- Thijs Kinkhorst <email address hidden>  Mon, 13 Mar 2017 13:06:19 +0000

Available diffs

• diff from 0.12.0-1 to 0.12.0-2 (3.4 KiB)

libapache2-mod-auth-mellon (0.12.0-1) unstable; urgency=high

  * New upstream release.
    - Fixes Denial of Service issues [CVE-2016-2145, CVE-2016-2146].
  * Checked for policy 3.6.7, no changes. 

 -- Thijs Kinkhorst <email address hidden>  Wed, 09 Mar 2016 10:13:05 +0000

Available diffs

• diff from 0.11.0-1 to 0.12.0-1 (13.9 KiB)

libapache2-mod-auth-mellon (0.11.0-1) unstable; urgency=medium

  * New upstream release.
  * Depend on authn_core in Apache module definition, it's needed
    for the "AuthType" command to work.

 -- Thijs Kinkhorst <email address hidden>  Fri, 18 Sep 2015 13:23:06 +0000

Available diffs

• diff from 0.10.0-1 to 0.11.0-1 (29.8 KiB)

libapache2-mod-auth-mellon (0.10.0-1) unstable; urgency=medium

  * New upstream release.
  * Update Standards-Version to 3.9.6, no changes required.

 -- Thijs Kinkhorst <email address hidden>  Wed, 29 Apr 2015 14:26:09 +0000

Available diffs

• diff from 0.9.1-1 to 0.10.0-1 (6.0 KiB)

libapache2-mod-auth-mellon (0.9.1-1) unstable; urgency=medium


  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Mon, 01 Sep 2014 10:24:58 +0000

Available diffs

• diff from 0.7.0-1 to 0.9.1-1 (29.2 KiB)

libapache2-mod-auth-mellon (0.9.0-1) unstable; urgency=medium


  * New upstream release.
  * Upstream moved to github: update homepage, watch and copyright.
  * Switched to collab-maint: update Vcs-* fields. 

 -- Thijs Kinkhorst <email address hidden>  Fri, 29 Aug 2014 13:13:12 +0000

libapache2-mod-auth-mellon (0.7.0-1) unstable; urgency=low


  * New upstream release.
    - Incorporates ap-2.4-compat.patch.

 -- Thijs Kinkhorst <email address hidden>  Wed, 05 Jun 2013 12:58:50 +0200

Available diffs

• diff from 0.6.1-3 to 0.7.0-1 (10.2 KiB)

libapache2-mod-auth-mellon (0.6.1-3) unstable; urgency=low


  * Upload to unstable.

 -- Thijs Kinkhorst <email address hidden>  Mon, 27 May 2013 16:30:08 +0200

libapache2-mod-auth-mellon (0.6.1-2) experimental; urgency=low


  * Rebuild for Apache 2.4.

 -- Thijs Kinkhorst <email address hidden>  Tue, 07 May 2013 10:41:42 +0200