ELSA-2020-3032
- ULN >
- Oracle Linux Errata repository >
- ELSA-2020-3032
ELSA-2020-3032 - mod_auth_openidc:2.3 security and bug fix update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2020-07-29 |
Description
cjose
[0.6.1-2]
- fix concatkdf big endian architecture problem.
Upstream issue #77.
[0.6.1-1]
- upgrade to latest upstream 0.6.1
[0.5.1-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[0.5.1-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[0.5.1-1]
- Initial packaging
mod_auth_openidc
[2.3.7-4.3]
- Actually apply the previous patch, sigh
- Related: rhbz#1820666 - CVE-2019-14857 mod_auth_openidc:2.3/mod_auth_openidc:
Open redirect in logout url when using URLs with
leading slashes [rhel-8.2.0.z]
- Related: rhbz#1820662 - CVE-2019-20479 mod_auth_openidc:2.3/mod_auth_openidc:
open redirect issue exists in URLs with slash and
backslash [rhel-8.2.0.z]
[2.3.7-4.2]
- Fix the previous backport
- Related: rhbz#1820666 - CVE-2019-14857 mod_auth_openidc:2.3/mod_auth_openidc:
Open redirect in logout url when using URLs with
leading slashes [rhel-8.2.0.z]
- Related: rhbz#1820662 - CVE-2019-20479 mod_auth_openidc:2.3/mod_auth_openidc:
open redirect issue exists in URLs with slash and
backslash [rhel-8.2.0.z]
[2.3.7-4.1]
- Resolves: rhbz#1820666 - CVE-2019-14857 mod_auth_openidc:2.3/mod_auth_openidc:
Open redirect in logout url when using URLs with
leading slashes [rhel-8.2.0.z]
- Resolves: rhbz#1820662 - CVE-2019-20479 mod_auth_openidc:2.3/mod_auth_openidc:
open redirect issue exists in URLs with slash and
backslash [rhel-8.2.0.z]
Related CVEs
| CVE-2019-14857 |
| CVE-2019-20479 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 8 (aarch64) | cjose-0.6.1-2.module+el8+5139+bcb28322.src.rpm | 1cc167d14b0f3f03da82d7a14f4f763a | - |
| mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.src.rpm | e7a0e0aecbd3b11d8ad8d9c20283bf03 | - | |
| cjose-0.6.1-2.module+el8+5139+bcb28322.aarch64.rpm | 133688f63419961809f191751ceac9ba | - | |
| cjose-devel-0.6.1-2.module+el8+5139+bcb28322.aarch64.rpm | de2a21ff00acf4b8c6b8f773fcb6cf5e | - | |
| mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.aarch64.rpm | 029c0c2d660b6145dbffa4dfb1ad95b0 | - | |
| Oracle Linux 8 (x86_64) | cjose-0.6.1-2.module+el8+5139+bcb28322.src.rpm | 1cc167d14b0f3f03da82d7a14f4f763a | - |
| mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.src.rpm | e7a0e0aecbd3b11d8ad8d9c20283bf03 | - | |
| cjose-0.6.1-2.module+el8+5139+bcb28322.x86_64.rpm | 23c6745a452b98ed3be8819511c84376 | - | |
| cjose-devel-0.6.1-2.module+el8+5139+bcb28322.x86_64.rpm | 0eac675499d2e7532f5d378c111bdc08 | - | |
| mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.x86_64.rpm | 2cffddf75a886d7351be9f2764794c61 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
