-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 28 Aug 2013 22:02:11 -0700
Source: webauth
Binary: libapache2-mod-webauth libapache2-mod-webauthldap libapache2-mod-webkdc
libapache2-webauth libapache2-webkdc libwebauth-perl libwebauth10
libwebauth-dev libwebkdc-perl webauth-tests webauth-utils webauth-weblogin
Architecture: source i386 all
Version: 4.5.5-1
Distribution: experimental
Urgency: low
Maintainer: Russ Allbery <r...@debian.org>
Changed-By: Russ Allbery <r...@debian.org>
Description:
libapache2-mod-webauth - Apache module for WebAuth authentication
libapache2-mod-webauthldap - Apache module for WebAuth LDAP lookup and
authorization
libapache2-mod-webkdc - Apache modules for a WebAuth authentication KDC
libapache2-webauth - Transitional package for WebAuth Apache modules
libapache2-webkdc - Transitional package for WebAuth authentication KDC
libwebauth-dev - Development files for WebAuth authentication
libwebauth-perl - Perl library for WebAuth authentication
libwebauth10 - Shared libraries for WebAuth authentication
libwebkdc-perl - Perl libraries for WebAuth central login server
webauth-tests - Tests for the WebAuth authentication modules
webauth-utils - Command-line utilities for WebAuth authentication
webauth-weblogin - Central login server for WebAuth authentication
Changes:
webauth (4.5.5-1) experimental; urgency=low
.
* New upstream release.
- Warn about mismatched webkdc-proxy tokens but no longer treat them
as a fatal error.
- Fix handling of non-password session factor requirements.
- Improve handling of initial factor requirements when users have a
way to establish initial credentials that don't include a password
factor.
- Improve handling of a Kerberos webkdc-proxy token requirement during
a multifactor authentication.
- Retry WebLogin posts to the WebKDC once to be more robust against
interruptions by signals (such as from the FastCGI process manager).
- Produce more succinct and hopefully better error messages when
WebLogin cannot post to the WebKDC.
- Ignore SIGPIPE signals in WebLogin scripts.
- Require the return URL be absolute and not contain non-ASCII
characters in mod_webkdc processing.
- Fix WebLogin replay detection logic to not trigger on password
changes.
- Work around problems in WebLogin caused by the WebKDC returning
error messages that contain undeclared non-UTF-8 characters in
violation of the XML standard.
- Improve error reporting of unparsable XML received by the WebLogin
server from the WebKDC.
- Fix logging of mod_webkdc <requestTokenRequest> failures.
- Fix the prototype attributes for webauth_user_validate.
- Log when mod_webkdc ignores expired tokens.
- Display more correct errors after some failures during the second
step of a multifactor authentication.
- Correctly diagnose a missing service token in a WebLogin request and
report the correct error instead of an internal error.
- Make the version of all Perl modules match the WebAuth release.
- Better error display for logins rejected by the user information
service.
- Better error display for multifactor authentication errors.
- Rate limiting and replay detection are now also applied to the
multifactor login page.
- Fix replay detection by correcting choice of memcached keys.
- Support staying on the code entry page after an error when using an
SMS method for multifactor. Local template changes are required to
take advantage of this feature.
Checksums-Sha1:
9699b76ea5b67f43bfac2f49c5020556e2589650 2622 webauth_4.5.5-1.dsc
e98bda21a1d1ae75e122f46a67b298368e75a1ee 869252 webauth_4.5.5.orig.tar.xz
d485bdc73d5d096195d3228927ac8b33cf37d2cc 27836 webauth_4.5.5-1.debian.tar.xz
8b23e375803cefedcc378a27522917c85707fb0f 224858
libapache2-mod-webauth_4.5.5-1_i386.deb
b0a75985d81c20ca11e7180692ad7a6e6cc2d498 90690
libapache2-mod-webauthldap_4.5.5-1_i386.deb
7d9fa5258a085600b7c56f186dc7017960d87b16 110364
libapache2-mod-webkdc_4.5.5-1_i386.deb
45c467444c57bdb869b5efc29ef7f08708a8a210 52350
libapache2-webauth_4.5.5-1_all.deb
b340abe2c0f86811246a84e06a9361a54574adc0 51612
libapache2-webkdc_4.5.5-1_all.deb
6705000b0f269f6a57c62130b56a722c5e3b2747 146128
libwebauth-perl_4.5.5-1_i386.deb
94411a8b705c0c3971ea344e2f9fb3ffb98799f4 84896 libwebauth10_4.5.5-1_i386.deb
d7e825c4f81606f85fe4724c3c0a688a4ffcdb92 100708 libwebauth-dev_4.5.5-1_i386.deb
975f0964128e6270e3e17f24bcc0a81b5a270623 120734 libwebkdc-perl_4.5.5-1_all.deb
333c294e153c8348aba761b9fef36f02119f48df 62444 webauth-tests_4.5.5-1_all.deb
bc2d08c443d12da6f7d9717fc9231f3c50c495b8 60610 webauth-utils_4.5.5-1_i386.deb
5bdf0a007a2748ea5671ed6944df22346b2b7e41 120924
webauth-weblogin_4.5.5-1_all.deb
Checksums-Sha256:
5e7362c4d632a76a6641dfe9a76343b962b4f3dfa59420318ac9a289b4724300 2622
webauth_4.5.5-1.dsc
bbdc493e58a5d4d92a206f309681410461dd33019bfb3fcd477bf16855e67448 869252
webauth_4.5.5.orig.tar.xz
757aa9118f37d0c07df94a80d792ea1efac7859ee16f99b01c1762090ab3929e 27836
webauth_4.5.5-1.debian.tar.xz
5c6ad0b8db07dafa97bb6de4c44687d22684cb8867bc184b4a0ac8e207c07037 224858
libapache2-mod-webauth_4.5.5-1_i386.deb
c41e268ce31d7662cf6241ffccf3b7ebbd90d8b441b7bdb08a4ba337734535b7 90690
libapache2-mod-webauthldap_4.5.5-1_i386.deb
c9cd900fa4bdce88938401de840180067a052f716dc739d19fe8b63de9d2ff82 110364
libapache2-mod-webkdc_4.5.5-1_i386.deb
5dfda4b89112b5565d9df65118ce4df2bd3f46c4d6be1368d5561ebca36db772 52350
libapache2-webauth_4.5.5-1_all.deb
84934fe39c69d031e644bfef3ed51054bdc2a9f2af4e6adc5e09002444f2ceda 51612
libapache2-webkdc_4.5.5-1_all.deb
340b25122834c8cc5bcdd92ac72718aac64bc64aaefa92c20e7b99d72b36d6bd 146128
libwebauth-perl_4.5.5-1_i386.deb
0c8f2d0275c7f5c3eb3d75ae7d11cd57c4e2e41d0a62c397184a57814c0147ea 84896
libwebauth10_4.5.5-1_i386.deb
f1a76d8cba31eb8260bc26fab99ef25783ba704512710ebd32645b2e96f5b2e3 100708
libwebauth-dev_4.5.5-1_i386.deb
57494097225368e9548f215f970183b4b209996c4867d66a693e6bfaa0339a2f 120734
libwebkdc-perl_4.5.5-1_all.deb
50df78aeda4ca48f37d46763bb513907c67d80cda27ca3f66d0abfb7372ab423 62444
webauth-tests_4.5.5-1_all.deb
becaa835bb395fd4a7330a2952039713cb263f223a741260608914b9c4d7a275 60610
webauth-utils_4.5.5-1_i386.deb
a6e50ef42439067cf0e36e42423d84b51829b66793d12570b55ecfb1389f250a 120924
webauth-weblogin_4.5.5-1_all.deb
Files:
4406ed565720ee4963ef228df9348eab 2622 web optional webauth_4.5.5-1.dsc
41db9df36decd67eda39da930267b879 869252 web optional webauth_4.5.5.orig.tar.xz
f9bec9265a6572e512f5004f4051b627 27836 web optional
webauth_4.5.5-1.debian.tar.xz
392c9683305764a8686bf6394fd2035e 224858 httpd optional
libapache2-mod-webauth_4.5.5-1_i386.deb
41499bed315824f963375987e24c4fae 90690 httpd optional
libapache2-mod-webauthldap_4.5.5-1_i386.deb
0e78019387e9c98c26e3e67bc5ba28e7 110364 httpd optional
libapache2-mod-webkdc_4.5.5-1_i386.deb
e93b79f0e4cdc6483567a4a54ed6d48e 52350 oldlibs extra
libapache2-webauth_4.5.5-1_all.deb
6d89b4af418c24c422dbca3a492e3a86 51612 oldlibs extra
libapache2-webkdc_4.5.5-1_all.deb
043ee54ee0956416989a54d1fcb385ce 146128 perl optional
libwebauth-perl_4.5.5-1_i386.deb
c925986af1685d8930b72a0a9437462f 84896 libs optional
libwebauth10_4.5.5-1_i386.deb
8ff2350b2d2c3e8f8a4f175cefa4d413 100708 libdevel extra
libwebauth-dev_4.5.5-1_i386.deb
5aa7922f133b18a72be3220adc0c8a85 120734 perl optional
libwebkdc-perl_4.5.5-1_all.deb
c495646e901f6e3c529cc5932b45c5ee 62444 web optional
webauth-tests_4.5.5-1_all.deb
f1e8b1ae5e6c55282fc68cbbba7e9cb4 60610 web optional
webauth-utils_4.5.5-1_i386.deb
5f704e79fcad8f4b92018c142ac2c777 120924 web optional
webauth-weblogin_4.5.5-1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
iQEcBAEBCAAGBQJSIUIDAAoJEH2AMVxXNt51npsH/2vNafpkVjHBiSMdu3YCglDB
4XR50TiBI/u3bfY/V6tF9Tr7L5yvQRstSwSIuMv3DQzy8WX/E6ekEyAScsk/PiVY
iZ/JIekk59phz7KgATLWnNZt+40lDdaEOdWBKngzKUepEsNHpmdhqcTCDFLTM4hD
x6k9NCbDahl261OFd9c0BdZh/TNNwEk+1zfho3sWlXiusPB41uKdTS4RSjIZhpyO
zSOQsK0K7ld5PqDXe9k9myxHwA5gMRQMbxG/tTyKmBgPfU16a5Y32/7Gv5/P8X4n
0RE55e6MJgz1ptzECanZ2KyjNwfIg/f9Ww/pYdU9BNage/AHVAErjb+P7JFXiX8=
=bnM4
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/e1vfzpu-0003ew...@franck.debian.org
