Ubuntu
lasso package

ubuntu/+source/lasso:applied/ubuntu/bionic-security

  1. Git
  2. lp:ubuntu/+source/lasso
  3. applied/ubuntu/bionic-security
Last commit made on 2021-06-02
Get this branch:
git clone -b applied/ubuntu/bionic-security https://git.launchpad.net/ubuntu/+source/lasso
Members of git-ubuntu import can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/bionic-security
Repository:
lp:ubuntu/+source/lasso

Recent commits

c9c422e... by Steve Beattie

2.5.1-0ubuntu1.2 (patches applied)

Imported using git-ubuntu import.

0780ec5... by Steve Beattie

[PATCH] Fix signature checking on unsigned response with multiple

Gbp-Pq: CVE-2021-28091.patch.

2b58063... by Steve Beattie

[PATCH] Use INSTALLDIRS=vendor for the Perl bindings, as per the

Gbp-Pq: Use-INSTALLDIRS-vendor-for-the-Perl-bindings-as-per-.patch.

85616a5... by Steve Beattie

PAOS: Do not populate "Destination" attribute

Gbp-Pq: PAOS-Do-not-populate-Destination-attribute.patch.

be64f4c... by Steve Beattie

2.5.1-0ubuntu1.2 (patches unapplied)

Imported using git-ubuntu import.

f1c4d68... by Christian Ehrhardt 

changelog: release for bionic

Signed-off-by: Christian Ehrhardt <email address hidden>

496b4f1... by Christian Ehrhardt 

changelog: Do not populate Destination attribute (LP: #1833299)

Signed-off-by: Christian Ehrhardt <email address hidden>

499de56... by Christian Ehrhardt 

PAOS: Do not populate "Destination" attribute

When ECP profile (saml-ecp-v2.0-cs01) is used with PAOS binding Lasso
populates an AuthnRequest with the "Destination" attribute set to
AssertionConsumerURL of an SP - this leads to IdP-side errors because
the destination attribute in the request does not match the IdP URL.

The "Destination" attribute is mandatory only for HTTP Redirect and HTTP
Post bindings when AuthRequests are signed per saml-bindings-2.0-os
(sections 3.4.5.2 and 3.5.5.2). Specifically for PAOS it makes sense to
avoid setting that optional attribute because an ECP decides which IdP
to use, not the SP.

This patch was merged upstream: https://dev.entrouvert.org/issues/34409

New changelog entries:

* d/p/PAOS-Do-not-populate-Destination-attribute.patch: Do not populate
  "Destination" attribute (LP: #1833299)

Signed-off-by: Christian Ehrhardt <email address hidden>

a467664... by Dmitrii Shcherbakov

2.5.1-0ubuntu1.1 (patches applied)

Imported using git-ubuntu import.

19d9f55... by Dmitrii Shcherbakov

[PATCH] Use INSTALLDIRS=vendor for the Perl bindings, as per the

Gbp-Pq: Use-INSTALLDIRS-vendor-for-the-Perl-bindings-as-per-.patch.