ELSA-2023-4418

ULN >
Oracle Linux Errata repository >
ELSA-2023-4418

ELSA-2023-4418 - mod_auth_openidc:2.3 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2023-08-02

Description

cjose
[0.6.1-3]
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
Authentication Tag provided in the JWE
Resolves: rhbz#2223308

mod_auth_openidc
[2.4.9.4-1]
- Resolves: rhbz#2025368 - Rebase to new version

Related CVEs

CVE-2023-37464

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm	aa899c5c437fc8acc17729418ce7a09278605589083bd338f1b21f3186b7dcd4	-	ol8_aarch64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm	978d28f38c029207f1c26cb277e4e29c15f7e63a961005f8d7b62239b5cd9241	-	ol8_aarch64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm	978d28f38c029207f1c26cb277e4e29c15f7e63a961005f8d7b62239b5cd9241	-	ol8_aarch64_appstream_developer
	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm	5fa538df9284d13a6fb6fde13e9b99e4eae1e35fe8c4d39f739575e5ae240602	-	ol8_aarch64_appstream
	cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm	25959df08ac60ae5791d928ae7c78b47c045599304468a9f1307fb100d516352	-	ol8_aarch64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.aarch64.rpm	c67783fc4f19335eb652d9e16cf9e0b280f1ce47acb20e90671178a5eb24901b	-	ol8_aarch64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.aarch64.rpm	c67783fc4f19335eb652d9e16cf9e0b280f1ce47acb20e90671178a5eb24901b	-	ol8_aarch64_appstream_developer

Oracle Linux 8 (x86_64)	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm	aa899c5c437fc8acc17729418ce7a09278605589083bd338f1b21f3186b7dcd4	-	ol8_x86_64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm	978d28f38c029207f1c26cb277e4e29c15f7e63a961005f8d7b62239b5cd9241	-	ol8_x86_64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm	978d28f38c029207f1c26cb277e4e29c15f7e63a961005f8d7b62239b5cd9241	-	ol8_x86_64_appstream_developer
	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm	167887f909fcea6329c3b6b314768f3a76177da8305c783f3c9736b3e81db55d	-	ol8_x86_64_appstream
	cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm	7966fb08fce66c1087d7becbf223c9203c906740f568658dcd2f05d69747cf03	-	ol8_x86_64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.x86_64.rpm	ad881331b78fdb1e7038bcea3db9f5de957029a036a887056d3951d52fd256a0	-	ol8_x86_64_appstream
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.x86_64.rpm	ad881331b78fdb1e7038bcea3db9f5de957029a036a887056d3951d52fd256a0	-	ol8_x86_64_appstream_developer

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691