-
Fri Dec 22 2023 Xavier Bachelot <xavier@bachelot.org> - 2.5.1-8
- Convert to lasso-epel package to ship missing perl-lasso subpackage rhbz#2251952
-
Wed Jun 02 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-8
- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses
-
Wed Jun 02 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-7
- Fix Coverity warning introduced by the previous patch
- Related: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses
-
Wed Jun 02 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-6
- Resolves: #1963855 - CVE-2021-28091 lasso: XML signature wrapping
vulnerability when parsing SAML responses
-
Tue Aug 06 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-5
- Resolves: #1719014 - Expired certificate prevents tests from running
- Actually apply the patch file for the previous build
- Related: #1730009 - lasso includes "Destination" attribute in SAML
AuthnRequest populated with SP
AssertionConsumerServiceURL when ECP workflow
is used which leads to IdP-side errors
-
Tue Jul 23 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-4
- Resolves: #1730009 - lasso includes "Destination" attribute in SAML
AuthnRequest populated with SP
AssertionConsumerServiceURL when ECP workflow
is used which leads to IdP-side errors
-
Sun Feb 10 2019 Jakub Hrozek <jhrozek@redhat.com> - 2.5.1-3
- Resolves: #1634267 - ECP signature check fails with
LASSO_DS_ERROR_SIGNATURE_NOT_FOUND when assertion signed
instead of response
-
Fri Jun 17 2016 John Dennis <jdennis@redhat.com> - 2.5.1-2
- Rebase to upstream 2.5.1
Resolves: #1310860
- add validate_idp_list_test patch
-
Thu Jun 09 2016 John Dennis <jdennis@redhat.com> - 2.5.1-1
- Rebase to upstream 2.5.1
Resolves: #1310860
-
Thu Sep 03 2015 John Dennis <jdennis@redhat.com> - 2.5.0-1
- Rebase to upstream, now includes our ECP patches, no need to patch any more
Resolves: #1205342