← Back to team overview

desktop-packages team mailing list archive

[Bug 1449268] Re: Allow disabling sending of state parameter

 

This bug was fixed in the package signon-plugin-oauth2 -
0.22+15.10.20150603-0ubuntu1

---------------
signon-plugin-oauth2 (0.22+15.10.20150603-0ubuntu1) wily; urgency=medium

  [ Alberto Mardegan ]
  * Merge from upstream
    - Fix unreliable test
    - Disconnect from reply on SSL errors (LP: #1447119)
    - Allow disabling the "state" parameter (LP: #1449268)

signon-plugin-oauth2 (0.22+15.04.20150417-0ubuntu1) vivid;
urgency=medium

  [ Alberto Mardegan ]
  * New upstream release
    - Return the list of granted permissions to the client
    - Require Qt5 for building
    - Use a "state" parameter to protect against CSRF (LP: #1432857)

  [ CI Train Bot ]
  * New rebuild forced.

signon-plugin-oauth2 (0.21+15.04.20150327-0ubuntu1) vivid;
urgency=medium

  * New rebuild forced.

signon-plugin-oauth2 (0.21+15.04.20150319-0ubuntu1) vivid;
urgency=medium

  [ Alberto Mardegan ]
  * Remove dependency on signon-ui (LP: #1362640)

signon-plugin-oauth2 (0.21+15.04.20150128-0ubuntu2) UNRELEASED;
urgency=medium

  * Merge from upstream
    - Proceed with the normal authentication if an error occurs when using the
      RefreshToken (LP: #1420934)
    - Remove the unused "type" query parameters which breaks DropBox

signon-plugin-oauth2 (0.21+15.04.20150128-0ubuntu1) vivid;
urgency=medium

  [ Alberto Mardegan ]
  * New upstream release
    - Add ForceTokenRefresh flag for forcing a new token
    - OAuth2: implement a fallback mechanism when parsing replies
      (LP: #1415376)
    - Fixes build with -Werror=unused-variable
    - Improve test coverage

signon-plugin-oauth2 (0.20+15.04.20141110-0ubuntu1) vivid; urgency=low

  [ Ubuntu daily release ]
  * New rebuild forced

  [ Alberto Mardegan ]
  * Merge from upstream

signon-plugin-oauth2 (0.20+15.04.20141031-0ubuntu1) vivid; urgency=low

  [ Ubuntu daily release ]
  * New rebuild forced

  [ Alberto Mardegan ]
  * Delay instantiation of QNetworkAccessManager (LP: #1377181)

signon-plugin-oauth2 (0.20+14.10.20140912.1-0ubuntu1) utopic;
urgency=medium

  [ Alberto Mardegan ]
  * New upstream release
    - OAuth 2.0: follow the spec more closely, add Vimeo support
    - Tests: increase test coverage

signon-plugin-oauth2 (0.19+14.10.20140513-0ubuntu1) utopic; urgency=low

  [ Ubuntu daily release ]
  * New rebuild forced

  [ Alberto Mardegan ]
  * Do not store invalid expiration times (LP: #1316021)

signon-plugin-oauth2 (0.19+14.10.20140509.2-0ubuntu1) utopic;
urgency=low

  [ Ubuntu daily release ]
  * New rebuild forced

  [ Robert Bruce Park ]
  * Correct path in debian/signon-plugin-oauth2.install fixes FTBFS (LP:
    #1317986) (LP: #1317986)

signon-plugin-oauth2 (0.19+14.04.20140305-0ubuntu2) trusty;
urgency=medium

  * Build for Architecture:any.

signon-plugin-oauth2 (0.19+14.04.20140305-0ubuntu1) trusty; urgency=low

  [ CI bot ]
  * No change rebuild against Qt 5.2.1.

  [ Ubuntu daily release ]
  * New rebuild forced

signon-plugin-oauth2 (0.19+14.04.20131126.2-0ubuntu1) trusty;
urgency=low

  [ Alberto Mardegan ]
  * New upstream release (0.19)
    - OAuth 1.0a: allow oauth_token_secret to be empty.
  * New upstream release (0.18)
    - OAuth2: Allow clients to provide tokens to store.

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 55

signon-plugin-oauth2 (0.17bzr13.04.26+13.10.20130708-0ubuntu1) saucy;
urgency=low

  [ Ken VanDine ]
  * don't build on powerpc as the new Qt5-based version don't have
    powerpc qtscripts. .

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 53

signon-plugin-oauth2 (0.17bzr13.04.26+13.10.20130705-0ubuntu1) saucy;
urgency=low

  [ Ken VanDine ]
  * don't build on powerpc as the new Qt5-based version don't have
    powerpc qtscripts. .

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 51

signon-plugin-oauth2 (0.17bzr13.04.26daily13.06.05.1-0ubuntu1) saucy;
urgency=low

  * Automatic snapshot from revision 49

signon-plugin-oauth2 (0.17bzr13.04.26daily13.05.01.1ubuntu.unity.next-
0ubuntu1) raring; urgency=low

  [ Alberto Mardegan ]
  * Automatic snapshot from revision 47 (bootstrap)
  * New upstream release.
    - Use libsignon-qt5 when building for Qt5

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 48 (ubuntu-unity/next)

signon-plugin-oauth2 (0.15-0ubuntu1) raring; urgency=low

  * New upstream release.
    - Don't return the cached OAuth tokens to applications which have
      requested additional permissions

  [ Robert Bruce Park ]
  * Inline packaging metadata.

signon-plugin-oauth2 (0.14-0ubuntu1) raring; urgency=low

  * New upstream release.
    - Don't lose refresh token after first usage (LP: #1029289)
    - Support application/x-www-form-urlencoded replies,
      needed by github.com
  * -debian/patches/no_debug.patch
    - The next release of signond will control the amount of logging

signon-plugin-oauth2 (0.12-0ubuntu1) raring; urgency=low

  * New upstream release.

signon-plugin-oauth2 (0.11-0ubuntu3) quantal; urgency=low

  * debian/patches/no_debug.patch
    - Don't log debug info (LP: #1049949)

signon-plugin-oauth2 (0.11-0ubuntu2) quantal; urgency=low

  * debian/control
    - Dropped build depends for libqtwebkit-dev, it is no longer needed
    - Updated maintainer
  * debian/compat
    - debhelper 9

signon-plugin-oauth2 (0.11-0ubuntu1) quantal; urgency=low

  * New upstream release
  * debian/patches/run_tests.patch
    - use xvfb-run and dbus-test-runner for tests and fail the build if
      the tests fail

signon-plugin-oauth2 (0.10+bzr41-0quantal1) quantal; urgency=low

  * New snapshot from tag 0.10-bzr41

signon-plugin-oauth2 (0.10+bzr39-0quantal1) quantal; urgency=low

  * rebuild for quantal

signon-plugin-oauth2 (0.10+bzr39-0precise2) precise; urgency=low

  * no change rebuild

signon-plugin-oauth2 (0.10+bzr39-0precise1) precise; urgency=low

  * New snapshot from tag 0.10-bzr39

signon-plugin-oauth2 (0.10+bzr37-0precise2) precise; urgency=low

  * Rebased on trunk to pick up missing changes

signon-plugin-oauth2 (0.10+bzr37-0precise1) precise; urgency=low

  * New snapshot from tag 0.10-bzr37

signon-plugin-oauth2 (0.10+bzr36-0precise1) precise; urgency=low

  * New snapshot from tag 0.10-bzr36

signon-plugin-oauth2 (0.10-0precise1) precise; urgency=low

  * Initial release

 -- CI Train Bot <ci-train-bot@xxxxxxxxxxxxx>  Wed, 03 Jun 2015 16:51:12
+0000

** Changed in: signon-plugin-oauth2 (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to signon-plugin-oauth2 in Ubuntu.
https://bugs.launchpad.net/bugs/1449268

Title:
  Allow disabling sending of state parameter

Status in signon-plugin-oauth2 package in Ubuntu:
  Fix Released

Bug description:
  Some account providers are less-than-compliant when it comes to OAuth,
  and automatically sending a state parameter causes breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/signon-plugin-oauth2/+bug/1449268/+subscriptions


References