ELSA-2023-4418

ULN >
Oracle Linux Errata repository >
ELSA-2023-4418

ELSA-2023-4418 - mod_auth_openidc:2.3 security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2023-08-02

Description

cjose
[0.6.1-3]
- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
Authentication Tag provided in the JWE
Resolves: rhbz#2223308

mod_auth_openidc
[2.4.9.4-1]
- Resolves: rhbz#2025368 - Rebase to new version

Related CVEs

CVE-2023-37464

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm	942537c8a35f3965d1939cdd0d860128	-
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm	70ee6fac96dff3588928b5d60da1341b	-
	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm	3bbd5d32a1bb47d15e3385089f2130b8	-
	cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm	ae4d65753f4e5181cbc889cb7bbcf008	-
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.aarch64.rpm	8ab11c056fe0061ecc74291bef9bd388	-

Oracle Linux 8 (x86_64)	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm	942537c8a35f3965d1939cdd0d860128	-
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm	70ee6fac96dff3588928b5d60da1341b	-
	cjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm	0e8f541d462a900a76edbcd55824d6c3	-
	cjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm	8cc2a5a22b922a2a70e7d6e374e0eb7a	-
	mod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.x86_64.rpm	cd6f2a924939a0e43da50a84235ec67e	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691