Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package shibboleth-sp for openSUSE:Factory
checked in at 2023-01-17 17:35:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/shibboleth-sp (Old)
and /work/SRC/openSUSE:Factory/.shibboleth-sp.new.32243 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "shibboleth-sp"
Tue Jan 17 17:35:36 2023 rev:22 rq:1058849 version:3.4.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/shibboleth-sp/shibboleth-sp.changes
2022-11-23 09:48:26.291145317 +0100
+++ /work/SRC/openSUSE:Factory/.shibboleth-sp.new.32243/shibboleth-sp.changes
2023-01-17 17:35:48.493352469 +0100
@@ -1,0 +2,13 @@
+Tue Jan 17 08:57:09 UTC 2023 - Dirk Müller <dmuel...@suse.com>
+
+- update to 3.4.1:
+ * Reinforcing the xmltooling library (V3.2.3, included in this Windows
release)
+ to block an unnecessary XML Encryption construct, related to the advisory
+ issued for the IdP recently. The SP is not believed to be vulnerable, but
this
+ is a defensive measure.
+ * A warning has been added to the log when systems do not configure an
explicit
+ value for the redirectLimit setting. The default for this setting remains
+ liberal for compatibility, so the warning was requested to highlight that
+ fact.
+
+-------------------------------------------------------------------
Old:
----
shibboleth-sp-3.4.0.tar.bz2
shibboleth-sp-3.4.0.tar.bz2.asc
New:
----
shibboleth-sp-3.4.1.tar.bz2
shibboleth-sp-3.4.1.tar.bz2.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ shibboleth-sp.spec ++++++
--- /var/tmp/diff_new_pack.LuJEaY/_old 2023-01-17 17:35:49.277356890 +0100
+++ /var/tmp/diff_new_pack.LuJEaY/_new 2023-01-17 17:35:49.329357183 +0100
@@ -1,7 +1,7 @@
#
# spec file for package shibboleth-sp
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,14 +22,14 @@
%define realname shibboleth
%define pkgdocdir %{_docdir}/%{realname}
Name: shibboleth-sp
-Version: 3.4.0
+Version: 3.4.1
Release: 0
Summary: System for attribute-based Web Single Sign On
License: Apache-2.0
Group: Productivity/Networking/Security
URL: https://shibboleth.net/
-Source0:
http://shibboleth.net/downloads/service-provider/%{version}/%{name}-%{version}.tar.bz2
-Source1:
http://shibboleth.net/downloads/service-provider/%{version}/%{name}-%{version}.tar.bz2.asc
+Source0:
https://shibboleth.net/downloads/service-provider/%{version}/%{name}-%{version}.tar.bz2
+Source1:
https://shibboleth.net/downloads/service-provider/%{version}/%{name}-%{version}.tar.bz2.asc
Source2: %{name}.keyring
Source3: shibd.service
Patch0: shibboleth-sp-2.5.5-doxygen_timestamp.patch
++++++ shibboleth-sp-3.4.0.tar.bz2 -> shibboleth-sp-3.4.1.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/Makefile.in
new/shibboleth-sp-3.4.1/Makefile.in
--- old/shibboleth-sp-3.4.0/Makefile.in 2022-10-24 15:49:08.000000000 +0200
+++ new/shibboleth-sp-3.4.1/Makefile.in 2023-01-09 22:52:08.000000000 +0100
@@ -230,7 +230,7 @@
$(top_srcdir)/build-aux/install-sh \
$(top_srcdir)/build-aux/ltmain.sh \
$(top_srcdir)/build-aux/missing build-aux/compile \
- build-aux/config.guess build-aux/config.sub \
+ build-aux/config.guess build-aux/config.sub build-aux/depcomp \
build-aux/install-sh build-aux/ltmain.sh build-aux/missing
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/config_win32.h
new/shibboleth-sp-3.4.1/config_win32.h
--- old/shibboleth-sp-3.4.0/config_win32.h 2022-10-24 15:45:10.000000000
+0200
+++ new/shibboleth-sp-3.4.1/config_win32.h 2023-01-09 22:44:36.000000000
+0100
@@ -121,13 +121,13 @@
#define PACKAGE_NAME "shibboleth"
/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "shibboleth 3.4.0"
+#define PACKAGE_STRING "shibboleth 3.4.1"
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME "shibboleth-sp"
/* Define to the version of this package. */
-#define PACKAGE_VERSION "3.4.0"
+#define PACKAGE_VERSION "3.4.1"
/* Define to the necessary symbol if this constant uses a non-standard name on
your system. */
@@ -140,7 +140,7 @@
/* #undef TM_IN_SYS_TIME */
/* Version number of package */
-#define VERSION "3.3.1"
+#define VERSION "3.4.1"
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/configure
new/shibboleth-sp-3.4.1/configure
--- old/shibboleth-sp-3.4.0/configure 2022-10-24 15:49:06.000000000 +0200
+++ new/shibboleth-sp-3.4.1/configure 2023-01-09 22:52:07.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.71 for shibboleth 3.4.0.
+# Generated by GNU Autoconf 2.71 for shibboleth 3.4.1.
#
# Report bugs to <https://shibboleth.atlassian.net/jira>.
#
@@ -621,8 +621,8 @@
# Identity of this package.
PACKAGE_NAME='shibboleth'
PACKAGE_TARNAME='shibboleth-sp'
-PACKAGE_VERSION='3.4.0'
-PACKAGE_STRING='shibboleth 3.4.0'
+PACKAGE_VERSION='3.4.1'
+PACKAGE_STRING='shibboleth 3.4.1'
PACKAGE_BUGREPORT='https://shibboleth.atlassian.net/jira'
PACKAGE_URL=''
@@ -1571,7 +1571,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures shibboleth 3.4.0 to adapt to many kinds of systems.
+\`configure' configures shibboleth 3.4.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1642,7 +1642,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of shibboleth 3.4.0:";;
+ short | recursive ) echo "Configuration of shibboleth 3.4.1:";;
esac
cat <<\_ACEOF
@@ -1845,7 +1845,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-shibboleth configure 3.4.0
+shibboleth configure 3.4.1
generated by GNU Autoconf 2.71
Copyright (C) 2021 Free Software Foundation, Inc.
@@ -2470,7 +2470,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by shibboleth $as_me 3.4.0, which was
+It was created by shibboleth $as_me 3.4.1, which was
generated by GNU Autoconf 2.71. Invocation command line was
$ $0$ac_configure_args_raw
@@ -3958,7 +3958,7 @@
# Define the identity of the package.
PACKAGE='shibboleth-sp'
- VERSION='3.4.0'
+ VERSION='3.4.1'
printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h
@@ -25617,7 +25617,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by shibboleth $as_me 3.4.0, which was
+This file was extended by shibboleth $as_me 3.4.1, which was
generated by GNU Autoconf 2.71. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -25685,7 +25685,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config='$ac_cs_config_escaped'
ac_cs_version="\\
-shibboleth config.status 3.4.0
+shibboleth config.status 3.4.1
configured by $0, generated by GNU Autoconf 2.71,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/configure.ac
new/shibboleth-sp-3.4.1/configure.ac
--- old/shibboleth-sp-3.4.0/configure.ac 2022-10-24 15:44:22.000000000
+0200
+++ new/shibboleth-sp-3.4.1/configure.ac 2023-01-09 22:44:13.000000000
+0100
@@ -1,5 +1,5 @@
AC_PREREQ([2.50])
-AC_INIT([shibboleth],[3.4.0],[https://shibboleth.atlassian.net/jira],[shibboleth-sp])
+AC_INIT([shibboleth],[3.4.1],[https://shibboleth.atlassian.net/jira],[shibboleth-sp])
AC_CONFIG_SRCDIR(shibsp)
AC_CONFIG_AUX_DIR(build-aux)
AC_CONFIG_MACRO_DIR(m4)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/iis7_shib/iis7_shib.rc
new/shibboleth-sp-3.4.1/iis7_shib/iis7_shib.rc
--- old/shibboleth-sp-3.4.0/iis7_shib/iis7_shib.rc 2022-07-18
18:24:36.000000000 +0200
+++ new/shibboleth-sp-3.4.1/iis7_shib/iis7_shib.rc 2023-01-09
22:48:02.000000000 +0100
@@ -51,8 +51,8 @@
//
VS_VERSION_INFO VERSIONINFO
-FILEVERSION RC_FILE_VERSION, 3
-PRODUCTVERSION RC_PRODUCT_VERSION, 1
+FILEVERSION RC_FILE_VERSION, 0
+PRODUCTVERSION RC_PRODUCT_VERSION, 0
FILEFLAGSMASK 0x3fL
#ifdef _DEBUG
FILEFLAGS 0x1L
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/shibboleth.spec
new/shibboleth-sp-3.4.1/shibboleth.spec
--- old/shibboleth-sp-3.4.0/shibboleth.spec 2022-11-02 15:52:25.000000000
+0100
+++ new/shibboleth-sp-3.4.1/shibboleth.spec 2023-01-09 22:52:35.000000000
+0100
@@ -1,5 +1,5 @@
Name: shibboleth
-Version: 3.4.0
+Version: 3.4.1
Release: 1
Summary: Open source system for attribute-based Web SSO
Group: Productivity/Networking/Security
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/shibsp/Makefile.am
new/shibboleth-sp-3.4.1/shibsp/Makefile.am
--- old/shibboleth-sp-3.4.0/shibsp/Makefile.am 2022-10-24 17:45:30.000000000
+0200
+++ new/shibboleth-sp-3.4.1/shibsp/Makefile.am 2023-01-09 22:45:35.000000000
+0100
@@ -244,7 +244,7 @@
# this is different from the project version
# http://sources.redhat.com/autobook/autobook/autobook_91.html
-libshibsp_la_LDFLAGS = -version-info 11:0:0
+libshibsp_la_LDFLAGS = -version-info 11:1:0
libshibsp_la_CXXFLAGS = \
$(AM_CXXFLAGS) \
$(BOOST_CPPFLAGS) \
@@ -263,7 +263,7 @@
$(xerces_LIBS) \
$(xmlsec_LIBS) \
$(xmltooling_LIBS)
-libshibsp_lite_la_LDFLAGS = -version-info 11:0:0
+libshibsp_lite_la_LDFLAGS = -version-info 11:1:0
libshibsp_lite_la_CXXFLAGS = -DSHIBSP_LITE \
$(AM_CXXFLAGS) \
$(BOOST_CPPFLAGS) \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/shibsp/Makefile.in
new/shibboleth-sp-3.4.1/shibsp/Makefile.in
--- old/shibboleth-sp-3.4.0/shibsp/Makefile.in 2022-11-02 15:14:38.000000000
+0100
+++ new/shibboleth-sp-3.4.1/shibsp/Makefile.in 2023-01-09 22:52:08.000000000
+0100
@@ -1067,7 +1067,7 @@
# this is different from the project version
# http://sources.redhat.com/autobook/autobook/autobook_91.html
-libshibsp_la_LDFLAGS = -version-info 11:0:0
+libshibsp_la_LDFLAGS = -version-info 11:1:0
libshibsp_la_CXXFLAGS = \
$(AM_CXXFLAGS) \
$(BOOST_CPPFLAGS) \
@@ -1088,7 +1088,7 @@
$(xmlsec_LIBS) \
$(xmltooling_LIBS)
-libshibsp_lite_la_LDFLAGS = -version-info 11:0:0
+libshibsp_lite_la_LDFLAGS = -version-info 11:1:0
libshibsp_lite_la_CXXFLAGS = -DSHIBSP_LITE \
$(AM_CXXFLAGS) \
$(BOOST_CPPFLAGS) \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/shibsp/impl/XMLApplication.cpp
new/shibboleth-sp-3.4.1/shibsp/impl/XMLApplication.cpp
--- old/shibboleth-sp-3.4.0/shibsp/impl/XMLApplication.cpp 2022-07-18
18:24:36.000000000 +0200
+++ new/shibboleth-sp-3.4.1/shibsp/impl/XMLApplication.cpp 2023-01-09
23:05:59.000000000 +0100
@@ -175,8 +175,12 @@
}
}
}
+ else if (base) {
+ m_redirectLimit = REDIRECT_LIMIT_INHERIT;
+ }
else {
- m_redirectLimit = base ? REDIRECT_LIMIT_INHERIT :
REDIRECT_LIMIT_NONE;
+ m_redirectLimit = REDIRECT_LIMIT_NONE;
+ log.warn("redirectLimit not set, system will operate as an open
redirector if not corrected");
}
// Audit some additional settings for logging purposes.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/shibboleth-sp-3.4.0/shibsp/metadata/DynamicMetadataProvider.cpp
new/shibboleth-sp-3.4.1/shibsp/metadata/DynamicMetadataProvider.cpp
--- old/shibboleth-sp-3.4.0/shibsp/metadata/DynamicMetadataProvider.cpp
2021-10-05 21:20:47.000000000 +0200
+++ new/shibboleth-sp-3.4.1/shibsp/metadata/DynamicMetadataProvider.cpp
2023-01-10 16:31:20.000000000 +0100
@@ -193,6 +193,10 @@
if (!m_cacheDir.empty()) {
XMLToolingConfig::getConfig().getPathResolver()->resolve(m_cacheDir,
PathResolver::XMLTOOLING_CACHE_FILE);
m_backgroundInit = XMLHelper::getAttrBool(e, true, backgroundInit);
+ if (m_backgroundInit &&
SPConfig::getConfig().isEnabled(SPConfig::RequestMapping)) {
+ m_backgroundInit = false;
+ m_log.info("disabling background initialization for configuration
test");
+ }
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/shibboleth-sp-3.4.0/shibsp/remoting/impl/SocketListener.cpp
new/shibboleth-sp-3.4.1/shibsp/remoting/impl/SocketListener.cpp
--- old/shibboleth-sp-3.4.0/shibsp/remoting/impl/SocketListener.cpp
2022-10-24 15:34:18.000000000 +0200
+++ new/shibboleth-sp-3.4.1/shibsp/remoting/impl/SocketListener.cpp
2023-01-09 22:50:53.000000000 +0100
@@ -451,15 +451,21 @@
fn = "unknown";
#ifdef WIN32
int rc=WSAGetLastError();
- if (rc == WSAECONNRESET) {
- log->debug("socket connection reset");
- return false;
- }
#else
int rc=errno;
#endif
if (native_error != nullptr)
*native_error = rc;
+
+#ifdef WIN32
+ if (rc == WSAECONNRESET) {
+#else
+ if (rc == ECONNRESET) {
+#endif
+ log->debug("socket connection reset");
+ return false;
+ }
+
const char *msg;
#ifdef HAVE_STRERROR_R
char buf[256];
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/shibsp/shibsp.rc
new/shibboleth-sp-3.4.1/shibsp/shibsp.rc
--- old/shibboleth-sp-3.4.0/shibsp/shibsp.rc 2022-10-24 15:46:21.000000000
+0200
+++ new/shibboleth-sp-3.4.1/shibsp/shibsp.rc 2023-01-09 22:46:07.000000000
+0100
@@ -64,7 +64,7 @@
VALUE "InternalName", "shibsp3_4\0"
#endif
#endif
- VALUE "LegalCopyright", "Copyright 2022 Various\0"
+ VALUE "LegalCopyright", "Copyright 2023 Various\0"
VALUE "LegalTrademarks", "\0"
#ifdef SHIBSP_LITE
#ifdef _DEBUG
@@ -80,8 +80,8 @@
#endif
#endif
VALUE "PrivateBuild", "\0"
- VALUE "ProductName", "Shibboleth 3.4.0\0"
- VALUE "ProductVersion", "3, 4, 0, 0\0"
+ VALUE "ProductName", "Shibboleth 3.4.1\0"
+ VALUE "ProductVersion", "3, 4, 1, 0\0"
VALUE "SpecialBuild", "\0"
END
END
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shibboleth-sp-3.4.0/shibsp/version.h
new/shibboleth-sp-3.4.1/shibsp/version.h
--- old/shibboleth-sp-3.4.0/shibsp/version.h 2022-10-24 15:45:30.000000000
+0200
+++ new/shibboleth-sp-3.4.1/shibsp/version.h 2023-01-09 22:44:54.000000000
+0100
@@ -44,7 +44,7 @@
#define SHIBSP_VERSION_MAJOR 3
#define SHIBSP_VERSION_MINOR 4
-#define SHIBSP_VERSION_REVISION 0
+#define SHIBSP_VERSION_REVISION 1
/** DO NOT MODIFY BELOW THIS LINE */
