ELSA-2019-3421
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-3421
ELSA-2019-3421 - mod_auth_mellon security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2019-11-14 |
Description
[0.14.0-9]
- Just bump the release number
- Related: rhbz#1718238 - mod_auth_mellon-diagnostics RPM not in product
listings
[0.14.0-8]
- Resolves: rhbz#1691894 - [RFE] Config option to change mod_auth_mellon prefix
[0.14.0-7]
- Apply the patch from the previous commit
- Resolves: rhbz#1692471 - CVE-2019-3877 appstream/mod_auth_mellon: open
redirect in logout url when using URLs with
backslashes [rhel-8]
[0.14.0-6]
- Resolves: rhbz#1692471 - CVE-2019-3877 appstream/mod_auth_mellon: open
redirect in logout url when using URLs with
backslashes [rhel-8]
[0.14.0-5]
- Resolves: rhbz#1692457 - CVE-2019-3878 mod_auth_mellon: authentication
bypass in ECP flow [rhel-8.1.0]
[0.14.0-4]
- Resolves: rhbz#1702695 - fresh install of mod_auth_mellon shows rpm
verification warnings
Related CVEs
| CVE-2019-3877 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 8 (aarch64) | mod_auth_mellon-0.14.0-9.el8.src.rpm | 6e6037209528d9a154d846582e46e911 | - |
| mod_auth_mellon-0.14.0-9.el8.aarch64.rpm | e6631d9052a6c050024164ac36bd3012 | - | |
| mod_auth_mellon-diagnostics-0.14.0-9.el8.aarch64.rpm | c0270a6968c9a9c11f384c6c522b2c49 | - | |
| Oracle Linux 8 (x86_64) | mod_auth_mellon-0.14.0-9.el8.src.rpm | 6e6037209528d9a154d846582e46e911 | - |
| mod_auth_mellon-0.14.0-9.el8.x86_64.rpm | 4d77a8302e06ff621ce3cbcdbe42588b | - | |
| mod_auth_mellon-diagnostics-0.14.0-9.el8.x86_64.rpm | 3932b21c356877d1c4e02c82fde503e7 | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
