ELSA-2020-1660

ELSA-2020-1660 - mod_auth_mellon security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2020-05-05

Description


[0.14.0-11]
- Resolves: rhbz#1731053 - CVE-2019-13038 mod_auth_mellon: an Open Redirect
via the login?ReturnTo= substring which could
facilitate information theft [rhel-8]

[0.14.0-10]
- Resolves: rhbz#1761774 - mod_auth_mellon fix for AJAX header name
X-Requested-With


Related CVEs


CVE-2019-13038

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) mod_auth_mellon-0.14.0-11.el8.src.rpm6c344c97ea1f4de61fac0ce94c4cfdca-
mod_auth_mellon-0.14.0-11.el8.aarch64.rpm5300285171bdf030fe7aea314f15cd06-
mod_auth_mellon-diagnostics-0.14.0-11.el8.aarch64.rpm6bcb4260fca1dcc660d387c44923a099-
Oracle Linux 8 (x86_64) mod_auth_mellon-0.14.0-11.el8.src.rpm6c344c97ea1f4de61fac0ce94c4cfdca-
mod_auth_mellon-0.14.0-11.el8.x86_64.rpm1619f3fdb8e29671f8bb452fdbc15394-
mod_auth_mellon-diagnostics-0.14.0-11.el8.x86_64.rpm6592a48c883fd2b0e8a8f4d08ef71de7-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete