ELSA-2019-0766
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-0766
ELSA-2019-0766 - mod_auth_mellon security and bug fix update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-04-16 |
Description
[0.14.0-2.4]
- Actually apply the patch in the previous build
- Resolves: rhbz#1697488 - CVE-2019-3877 mod_auth_mellon: open redirect
in logout url when using URLs with backslashes
[0.14.0-2.3]
- Resolves: rhbz#1697488 - CVE-2019-3877 mod_auth_mellon: open redirect
in logout url when using URLs with backslashes
[rhel-7] [rhel-7.6.z]
[0.14.0-2.2]
- Resolves: rhbz#1697487 - mod_auth_mellon Cert files name wrong when
hostname contains a number
[0.14.0-2.1]
- Resolves: rhbz#1692455 - CVE-2019-3878 mod_auth_mellon: authentication
bypass in ECP flow [rhel-7.6.z]
Related CVEs
| CVE-2019-3877 |
| CVE-2019-3878 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | mod_auth_mellon-0.14.0-2.el7_6.4.src.rpm | a3c8ef8f56edd3464cf0f5a498535f5e | ELBA-2020-5036 |
| mod_auth_mellon-0.14.0-2.el7_6.4.aarch64.rpm | e8ea2d3df774fb2603397e0a6d173267 | ELBA-2020-5036 | |
| mod_auth_mellon-diagnostics-0.14.0-2.el7_6.4.aarch64.rpm | dffd70c3c8d8311978e066047138e6c4 | ELBA-2020-5036 | |
| Oracle Linux 7 (x86_64) | mod_auth_mellon-0.14.0-2.el7_6.4.src.rpm | a3c8ef8f56edd3464cf0f5a498535f5e | ELBA-2020-5036 |
| mod_auth_mellon-0.14.0-2.el7_6.4.x86_64.rpm | 783d3fa4e33ab78aea8331cdb92ba281 | ELBA-2020-5036 | |
| mod_auth_mellon-diagnostics-0.14.0-2.el7_6.4.x86_64.rpm | 1b64ed529480fbf354ccbbf5915f3960 | ELBA-2020-5036 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
