From d488b02753b792a163854a19355990224f0a00af Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Nov 15 2022 06:49:41 +0000
Subject: import mod_auth_mellon-0.17.0-7.el9


---

diff --git a/SPECS/mod_auth_mellon.spec b/SPECS/mod_auth_mellon.spec
index e5eb3dc..666e1f9 100644
--- a/SPECS/mod_auth_mellon.spec
+++ b/SPECS/mod_auth_mellon.spec
@@ -1,7 +1,7 @@
 Summary: A SAML 2.0 authentication module for the Apache Httpd Server
 Name: mod_auth_mellon
 Version: 0.17.0
-Release: 6%{?dist}
+Release: 7%{?dist}
 Source0: https://github.com/latchset/mod_auth_mellon/releases/download/v0.17.0/mod_auth_mellon-0.17.0.tar.gz
 Source1: auth_mellon.conf
 Source2: 10-auth_mellon.conf
@@ -100,9 +100,13 @@ in the doc directory for instructions on using the diagnostics build.
 %{_httpd_moddir}/mod_auth_mellon.so
 %{_tmpfilesdir}/mod_auth_mellon.conf
 %{_libexecdir}/%{name}
-%dir /run/%{name}/
+%dir %attr(-, apache, apache) /run/%{name}/
 
 %changelog
+* Tue Jul 26 2022 Tomas Halman <thalman@redhat.com> - 0.17.0-7
+- bad user/group ownership for /run/mod_auth_mellon
+  Resolves: rhbz#2047948
+
 * Fri Jul 30 2021 Jakub Hrozek <jhrozek@redhat.com> - 0.17.0-6
 - Related: rhbz#1986806 - CVE-2021-3639 mod_auth_mellon: Open Redirect
                           vulnerability in logout URLs