ELSA-2025-9396 - mod_auth_openidc security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2025-06-23 |
Description
[2.4.10-1.el9_6.2]
Resolves: RHEL-95948 - mod_auth_openidc: DoS via Empty POST in mod_auth_openidc
with OIDCPreservePost Enabled (CVE-2025-3891)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle Linux 9 (aarch64) | mod_auth_openidc-2.4.10-1.el9_6.2.src.rpm | 91620fded8810ef9e97099ebae19767d763b063a5a92a2441b4c5de7dc6b10a7 | - | ol9_aarch64_appstream |
| mod_auth_openidc-2.4.10-1.el9_6.2.aarch64.rpm | 23d7c65b72978a33ec177be6b2cc58ef551fb5e2d6c9014448721bb1c4d4cd09 | - | ol9_aarch64_appstream |
|
| Oracle Linux 9 (x86_64) | mod_auth_openidc-2.4.10-1.el9_6.2.src.rpm | 91620fded8810ef9e97099ebae19767d763b063a5a92a2441b4c5de7dc6b10a7 | - | ol9_x86_64_appstream |
| mod_auth_openidc-2.4.10-1.el9_6.2.x86_64.rpm | 6b62c427903e5c86e91a67ba60e7ce83365187040885ff8dad7973791c1d615a | - | ol9_x86_64_appstream |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
