Ubuntu
libapache2-mod-auth-mellon package

Change log for libapache2-mod-auth-mellon package in Ubuntu

135 of 35 results FirstPreviousNextLast
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
libapache2-mod-auth-mellon (0.19.0-1build3) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 18:44:38 +0000

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
libapache2-mod-auth-mellon (0.19.0-1build2) noble; urgency=medium

  * No-change rebuild against libcurl4t64

 -- Steve Langasek <email address hidden>  Sat, 16 Mar 2024 06:30:18 +0000
Superseded in noble-proposed 
libapache2-mod-auth-mellon (0.19.0-1build1) noble; urgency=medium

  * No-change rebuild against libssl3t64

 -- Steve Langasek <email address hidden>  Mon, 04 Mar 2024 18:20:27 +0000
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
libapache2-mod-auth-mellon (0.19.0-1) unstable; urgency=medium

  [ Thijs Kinkhorst ]
  * New upstream release. 

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Bump debhelper from old 12 to 13.
  * Set debhelper-compat version in Build-Depends.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
  * Set upstream metadata fields: Repository.

 -- Thijs Kinkhorst <email address hidden>  Sat, 13 Jan 2024 14:29:22 +0000

Available diffs

Superseded in noble-release
Published in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
libapache2-mod-auth-mellon (0.18.1-1) unstable; urgency=medium

  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Tue, 03 Jan 2023 10:57:05 +0000
Superseded in lunar-release
Obsolete in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
libapache2-mod-auth-mellon (0.18.0-1build1) jammy; urgency=high

  * No change rebuild for ppc64el baseline bump.

 -- Julian Andres Klode <email address hidden>  Thu, 24 Mar 2022 13:09:23 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
libapache2-mod-auth-mellon (0.17.0-1ubuntu2) jammy; urgency=medium

  * No-change rebuild against libssl3

 -- Steve Langasek <email address hidden>  Wed, 08 Dec 2021 23:36:09 +0000

Available diffs

Obsolete in hirsute-updates
Obsolete in hirsute-security 
libapache2-mod-auth-mellon (0.17.0-1ubuntu0.21.04.1) hirsute-security; urgency=medium

  * SECURITY UPDATE: open redirect vulnerability
    - debian/patches/CVE-2021-3639.patch: prevent redirect to URLs that
      begin with /// in auth_mellon_util.c.
    - CVE-2021-3639

 -- Marc Deslauriers <email address hidden>  Wed, 04 Aug 2021 10:12:11 -0400
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
libapache2-mod-auth-mellon (0.18.0-1) unstable; urgency=medium

  * New upstream release (closes: #991730).
    - Fixes security issue CVE-2019-13038: open redirect.

 -- Thijs Kinkhorst <email address hidden>  Fri, 06 Aug 2021 19:16:38 +0000
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
libapache2-mod-auth-mellon (0.17.0-1ubuntu1) impish; urgency=medium

  * SECURITY UPDATE: open redirect vulnerability
    - debian/patches/CVE-2021-3639.patch: prevent redirect to URLs that
      begin with /// in auth_mellon_util.c.
    - CVE-2021-3639

 -- Marc Deslauriers <email address hidden>  Wed, 04 Aug 2021 10:12:11 -0400
Published in bionic-updates
Published in bionic-security 
libapache2-mod-auth-mellon (0.13.1-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: open redirect vulnerability
    - debian/patches/CVE-2021-3639.patch: prevent redirect to URLs that
      begin with /// in auth_mellon_util.c.
    - CVE-2021-3639

 -- Marc Deslauriers <email address hidden>  Wed, 04 Aug 2021 10:17:24 -0400
Published in focal-updates
Published in focal-security 
libapache2-mod-auth-mellon (0.16.0-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: open redirect vulnerability
    - debian/patches/CVE-2021-3639.patch: prevent redirect to URLs that
      begin with /// in auth_mellon_util.c.
    - CVE-2021-3639

 -- Marc Deslauriers <email address hidden>  Wed, 04 Aug 2021 10:16:54 -0400

Available diffs

  • diff from 0.14.2-1ubuntu2 to 0.16.0-1ubuntu0.1 (pending)
Published in xenial-updates
Published in xenial-security 
libapache2-mod-auth-mellon (0.12.0-2+deb9u1build0.16.04.1) xenial-security; urgency=medium

  * fake sync from Debian
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
libapache2-mod-auth-mellon (0.17.0-1) unstable; urgency=medium

  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Tue, 08 Sep 2020 10:56:41 +0000

Available diffs

Superseded in hirsute-release
Obsolete in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
libapache2-mod-auth-mellon (0.16.0-1) unstable; urgency=high

  * New upstream release. 

 -- Thijs Kinkhorst <email address hidden>  Tue, 28 Jan 2020 15:25:41 +0000
Obsolete in eoan-updates
Obsolete in eoan-security 
libapache2-mod-auth-mellon (0.14.2-1ubuntu1.19.10.1) eoan-security; urgency=medium

  * SECURITY UPDATE: open redirect issue
    - debian/patches/CVE-2019-13038-1.patch: prevent schemes without
      hostname in auth_mellon_util.c.
    - debian/patches/CVE-2019-13038-2.patch: add error message in
      auth_mellon_util.c.
    - CVE-2019-13038

 -- Marc Deslauriers <email address hidden>  Fri, 22 Nov 2019 12:39:03 -0500
Superseded in bionic-updates
Superseded in bionic-security 
libapache2-mod-auth-mellon (0.13.1-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: open redirect issue
    - debian/patches/CVE-2019-13038-1.patch: prevent schemes without
      hostname in auth_mellon_util.c.
    - debian/patches/CVE-2019-13038-2.patch: add error message in
      auth_mellon_util.c.
    - CVE-2019-13038

 -- Marc Deslauriers <email address hidden>  Fri, 22 Nov 2019 12:44:27 -0500
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
libapache2-mod-auth-mellon (0.14.2-1ubuntu2) focal; urgency=medium

  * SECURITY UPDATE: open redirect issue
    - debian/patches/CVE-2019-13038-1.patch: prevent schemes without
      hostname in auth_mellon_util.c.
    - debian/patches/CVE-2019-13038-2.patch: add error message in
      auth_mellon_util.c.
    - CVE-2019-13038

 -- Marc Deslauriers <email address hidden>  Fri, 22 Nov 2019 12:39:03 -0500
Obsolete in cosmic-updates
Deleted in cosmic-proposed (Reason: moved to -updates) 
libapache2-mod-auth-mellon (0.14.0-1ubuntu0.2) cosmic; urgency=medium

  * d/rules: Build the module with --enable-diagnostics (LP: #1820279)

 -- Corey Bryant <email address hidden>  Fri, 29 Mar 2019 16:08:39 -0400
Superseded in focal-release
Obsolete in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.14.2-1ubuntu1) disco; urgency=medium

  * Build the module with --enable-diagnostics (LP: #1820279)

 -- Dmitrii Shcherbakov <email address hidden>  Fri, 22 Mar 2019 22:27:25 +0300
Superseded in bionic-updates
Superseded in bionic-security 
libapache2-mod-auth-mellon (0.13.1-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Open redirect in logout
    - debian/patches/CVE-2019-3877.patch: fix in
      auth_mellon_util.c.
    - CVE-2019-3877
  * SECURITY UPDATE: Authentication bypass
    - debian/patches/CVE-2019-3878.patch: fix in
      mod_auth_mellon.c.
    - CVE-2019-3878

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 27 Mar 2019 10:36:21 -0300
Superseded in cosmic-updates
Obsolete in cosmic-security 
libapache2-mod-auth-mellon (0.14.0-1ubuntu0.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: Open redirect in logout
    - debian/patches/CVE-2019-3877.patch: fix in
      auth_mellon_util.c.
    - CVE-2019-3877
  * SECURITY UPDATE: Authentication bypass
    - debian/patches/CVE-2019-3878.patch: fix in
      mod_auth_mellon.c.
    - CVE-2019-3878

 -- <email address hidden> (Leonidas S. Barbosa)  Wed, 27 Mar 2019 10:58:17 -0300
Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.14.2-1) unstable; urgency=high

  * New upstream security release. (closes: #925197)
    - Auth bypass when used with reverse proxy [CVE-2019-3878]
    - Open redirect vulnerability in logout [CVE-2019-3877]

 -- Thijs Kinkhorst <email address hidden>  Fri, 22 Mar 2019 12:10:11 +0000

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.14.1-1) unstable; urgency=medium

  [ Thijs Kinkhorst ]
  * New upstream release.
  * Declare the explicit requirement for (fake)root,
    thanks Niels Thykier.
  * Ship the mellon_create_metadata utility (closes: #893957).
  * Update debhelper compatibility level to 11.
  * Checked for policy 4.3.0, no changes.

  [ Ondřej Nový ]
  * d/copyright: Use https protocol in Format field
  * d/changelog: Remove trailing whitespaces

 -- Thijs Kinkhorst <email address hidden>  Mon, 11 Feb 2019 08:44:03 +0000

Available diffs

Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.14.0-1) unstable; urgency=medium

  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Fri, 16 Mar 2018 08:55:49 +0000
Superseded in cosmic-release
Published in bionic-release
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.13.1-1build2) bionic; urgency=medium

  * No-change rebuild against libcurl4

 -- Steve Langasek <email address hidden>  Wed, 28 Feb 2018 07:03:42 +0000

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.13.1-1build1) bionic; urgency=high

  * No change rebuild against openssl1.1.

 -- Dimitri John Ledkov <email address hidden>  Mon, 05 Feb 2018 22:32:52 +0000
Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.13.1-1) unstable; urgency=medium

  * New upstream release.
    - Obsoles backported security patches.
  * Checked for policy 4.0.0, no changes necessary.

 -- Thijs Kinkhorst <email address hidden>  Sun, 09 Jul 2017 14:13:45 +0000

Available diffs

Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.12.0-2) unstable; urgency=high

  * Backport upstream patches for security issues:
    - Fix a denial of service attack in the logout handler.
    - Fix a cross-site session transfer vulnerability [CVE-2017-6807]. 

 -- Thijs Kinkhorst <email address hidden>  Mon, 13 Mar 2017 13:06:19 +0000

Available diffs

Superseded in zesty-release
Obsolete in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.12.0-1) unstable; urgency=high

  * New upstream release.
    - Fixes Denial of Service issues [CVE-2016-2145, CVE-2016-2146].
  * Checked for policy 3.6.7, no changes. 

 -- Thijs Kinkhorst <email address hidden>  Wed, 09 Mar 2016 10:13:05 +0000

Available diffs

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.11.0-1) unstable; urgency=medium

  * New upstream release.
  * Depend on authn_core in Apache module definition, it's needed
    for the "AuthType" command to work.

 -- Thijs Kinkhorst <email address hidden>  Fri, 18 Sep 2015 13:23:06 +0000

Available diffs

Superseded in xenial-release
Obsolete in wily-release
Deleted in wily-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.10.0-1) unstable; urgency=medium

  * New upstream release.
  * Update Standards-Version to 3.9.6, no changes required.

 -- Thijs Kinkhorst <email address hidden>  Wed, 29 Apr 2015 14:26:09 +0000

Available diffs

Superseded in wily-release
Obsolete in vivid-release
Deleted in vivid-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.9.1-1) unstable; urgency=medium


  * New upstream release.

 -- Thijs Kinkhorst <email address hidden>  Mon, 01 Sep 2014 10:24:58 +0000

Available diffs

Superseded in vivid-release
Obsolete in utopic-release
Published in trusty-release
Obsolete in saucy-release
Deleted in saucy-proposed (Reason: moved to release) 
libapache2-mod-auth-mellon (0.7.0-1) unstable; urgency=low


  * New upstream release.
    - Incorporates ap-2.4-compat.patch.

 -- Thijs Kinkhorst <email address hidden>  Wed, 05 Jun 2013 12:58:50 +0200

Available diffs

Superseded in saucy-proposed 
libapache2-mod-auth-mellon (0.6.1-3) unstable; urgency=low


  * Upload to unstable.

 -- Thijs Kinkhorst <email address hidden>  Mon, 27 May 2013 16:30:08 +0200
135 of 35 results FirstPreviousNextLast