ELSA-2020-1660

ULN >
Oracle Linux Errata repository >
ELSA-2020-1660

ELSA-2020-1660 - mod_auth_mellon security and bug fix update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2020-05-05

Description

[0.14.0-11]
- Resolves: rhbz#1731053 - CVE-2019-13038 mod_auth_mellon: an Open Redirect
via the login?ReturnTo= substring which could
facilitate information theft [rhel-8]

[0.14.0-10]
- Resolves: rhbz#1761774 - mod_auth_mellon fix for AJAX header name
X-Requested-With

Related CVEs

CVE-2019-13038

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	mod_auth_mellon-0.14.0-11.el8.src.rpm	5bff4a1f73880fe5a76f91894055417589431008e4a20a9d07b73f388114f14d	-	ol8_aarch64_appstream
	mod_auth_mellon-0.14.0-11.el8.aarch64.rpm	6670c185ad32290d437db477d9edc045342a467bbb10cbf40638c3bfa90a96d8	-	ol8_aarch64_appstream
	mod_auth_mellon-diagnostics-0.14.0-11.el8.aarch64.rpm	2b5e95169763123434bd82806f2f7377dbc160e8f6b5651a0dcfb49a9a461ff0	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	mod_auth_mellon-0.14.0-11.el8.src.rpm	5bff4a1f73880fe5a76f91894055417589431008e4a20a9d07b73f388114f14d	-	ol8_x86_64_appstream
	mod_auth_mellon-0.14.0-11.el8.x86_64.rpm	42f31fa2973eec31f57a95e3222921a7cd235513b42ab3dac6035a2da70f308b	-	ol8_x86_64_appstream
	mod_auth_mellon-diagnostics-0.14.0-11.el8.x86_64.rpm	ed6e6f83a31a927c88cf5c0a9ec6105f2586c36c78a288e0170217c4eca3c3be	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691