ELSA-2024-5289

ULN >
Oracle Linux Errata repository >
ELSA-2024-5289

ELSA-2024-5289 - mod_auth_openidc:2.3 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-08-14

Description

cjose
mod_auth_openidc
[2.4.9.4-6]
- Resolves: RHEL-36492 Race condition in mod_auth_openidc filecache
- Resolves: RHEL-25421 mod_auth_openidc: DoS when using
OIDCSessionType client-cookie and manipulating cookies
(CVE-2024-24814)

Related CVEs

CVE-2024-24814

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.src.rpm	bae044fff496e041666b34d29a5756a215558e237fc8ac71031e031a04a56b6e	-	ol8_aarch64_appstream
	mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.src.rpm	105ac1107ba597e854732193b056171fcc6c98e689109386d70b2855eddabdee	-	ol8_aarch64_appstream
	cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.aarch64.rpm	bad6fe5aa4c29d05c85ac7a12ff92c7ea56b9569e8c0007f9998063f3af75d95	-	ol8_aarch64_appstream
	cjose-devel-0.6.1-4.module+el8.10.0+90385+c8f58f84.aarch64.rpm	4ab42582a5a0f3b1ee481f63d53de430e04a2f44e1450b08b2ce99b24d8219ba	-	ol8_aarch64_appstream
	mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.aarch64.rpm	0d9d0369a9242a94cc6d8e8399c005492e8be8b22cccdc4d0cb2c20623e5a80c	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.src.rpm	bae044fff496e041666b34d29a5756a215558e237fc8ac71031e031a04a56b6e	-	ol8_x86_64_appstream
	mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.src.rpm	105ac1107ba597e854732193b056171fcc6c98e689109386d70b2855eddabdee	-	ol8_x86_64_appstream
	cjose-0.6.1-4.module+el8.10.0+90385+c8f58f84.x86_64.rpm	34e05cb83dc78f8559fbdc8f6ac172b3bdea37bbfad9949f7527884e275b218a	-	ol8_x86_64_appstream
	cjose-devel-0.6.1-4.module+el8.10.0+90385+c8f58f84.x86_64.rpm	0864efebb06b10a829774659c5ca2db541a9c49ed56786a25a97652dca937d6e	-	ol8_x86_64_appstream
	mod_auth_openidc-2.4.9.4-6.module+el8.10.0+90385+c8f58f84.x86_64.rpm	3b7881d70a6efa8bf7a04cc603a7edca7344634958f113e47cab1f9e132ed2d8	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691