Debian
webauth package

webauth 4.5.5-1 source package in Debian

Changelog

webauth (4.5.5-1) experimental; urgency=low


  * New upstream release.
    - Warn about mismatched webkdc-proxy tokens but no longer treat them
      as a fatal error.
    - Fix handling of non-password session factor requirements.
    - Improve handling of initial factor requirements when users have a
      way to establish initial credentials that don't include a password
      factor.
    - Improve handling of a Kerberos webkdc-proxy token requirement during
      a multifactor authentication.
    - Retry WebLogin posts to the WebKDC once to be more robust against
      interruptions by signals (such as from the FastCGI process manager).
    - Produce more succinct and hopefully better error messages when
      WebLogin cannot post to the WebKDC.
    - Ignore SIGPIPE signals in WebLogin scripts.
    - Require the return URL be absolute and not contain non-ASCII
      characters in mod_webkdc processing.
    - Fix WebLogin replay detection logic to not trigger on password
      changes.
    - Work around problems in WebLogin caused by the WebKDC returning
      error messages that contain undeclared non-UTF-8 characters in
      violation of the XML standard.
    - Improve error reporting of unparsable XML received by the WebLogin
      server from the WebKDC.
    - Fix logging of mod_webkdc <requestTokenRequest> failures.
    - Fix the prototype attributes for webauth_user_validate.
    - Log when mod_webkdc ignores expired tokens.
    - Display more correct errors after some failures during the second
      step of a multifactor authentication.
    - Correctly diagnose a missing service token in a WebLogin request and
      report the correct error instead of an internal error.
    - Make the version of all Perl modules match the WebAuth release.
    - Better error display for logins rejected by the user information
      service.
    - Better error display for multifactor authentication errors.
    - Rate limiting and replay detection are now also applied to the
      multifactor login page.
    - Fix replay detection by correcting choice of memcached keys.
    - Support staying on the code entry page after an error when using an
      SMS method for multifactor.  Local template changes are required to
      take advantage of this feature.

 -- Russ Allbery <email address hidden>  Wed, 28 Aug 2013 22:02:11 -0700

Upload details

Uploaded by:
Russ Allbery
Uploaded to:
Experimental
Original maintainer:
Russ Allbery
Architectures:
any all
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
webauth_4.5.5-1.dsc 2.6 KiB 5e7362c4d632a76a6641dfe9a76343b962b4f3dfa59420318ac9a289b4724300
webauth_4.5.5.orig.tar.xz 848.9 KiB bbdc493e58a5d4d92a206f309681410461dd33019bfb3fcd477bf16855e67448
webauth_4.5.5-1.debian.tar.xz 27.2 KiB 757aa9118f37d0c07df94a80d792ea1efac7859ee16f99b01c1762090ab3929e

No changes file available.

Binary packages built by this source