ELSA-2024-9180 - mod_auth_openidc security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2024-11-14 |
Description
[2.4.10-1]
Rebase to 2.4.10 version improves state cookies piling up problem
Resolves: RHEL-32450 Race condition in mod_auth_openidc filecache
Resolves: RHEL-25422 mod_auth_openidc: DoS when using
OIDCSessionType client-cookie and manipulating cookies
(CVE-2024-24814)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | mod_auth_openidc-2.4.10-1.el9.src.rpm | 613fa8f39605e5ebd7350bb34465016bf707bad0ac81c403e937e47f26d33ed5 | - | ol9_aarch64_appstream |
| mod_auth_openidc-2.4.10-1.el9.aarch64.rpm | bb80d83fff9979c21abc9dd9b0e134c747a227ce32a734a0ea6ea8233d21d320 | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | mod_auth_openidc-2.4.10-1.el9.src.rpm | 613fa8f39605e5ebd7350bb34465016bf707bad0ac81c403e937e47f26d33ed5 | - | ol9_x86_64_appstream |
| mod_auth_openidc-2.4.10-1.el9.x86_64.rpm | a15a3a7ebafbb61d351c180aaba69270a12161b8ee7bcc27dac87dc52477b389 | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
