mod_auth_openidc:2.3 security and bug fix update

2020-07-2900:00:00

linux.oracle.com

0.003 Low

EPSS

Percentile

69.0%

JSON

cjose
[0.6.1-2]

fix concatkdf big endian architecture problem.
Upstream issue #77.
[0.6.1-1]
upgrade to latest upstream 0.6.1
[0.5.1-3]
Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
[0.5.1-2]
Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[0.5.1-1]
Initial packaging
mod_auth_openidc
[2.3.7-4.3]
Actually apply the previous patch, sigh
Related: rhbz#1820666 - CVE-2019-14857 mod_auth_openidc:2.3/mod_auth_openidc:
Open redirect in logout url when using URLs with
leading slashes [rhel-8.2.0.z]
Related: rhbz#1820662 - CVE-2019-20479 mod_auth_openidc:2.3/mod_auth_openidc:
open redirect issue exists in URLs with slash and
backslash [rhel-8.2.0.z]
[2.3.7-4.2]
Fix the previous backport
Related: rhbz#1820666 - CVE-2019-14857 mod_auth_openidc:2.3/mod_auth_openidc:
Open redirect in logout url when using URLs with
leading slashes [rhel-8.2.0.z]
Related: rhbz#1820662 - CVE-2019-20479 mod_auth_openidc:2.3/mod_auth_openidc:
open redirect issue exists in URLs with slash and
backslash [rhel-8.2.0.z]
[2.3.7-4.1]
Resolves: rhbz#1820666 - CVE-2019-14857 mod_auth_openidc:2.3/mod_auth_openidc:
Open redirect in logout url when using URLs with
leading slashes [rhel-8.2.0.z]
Resolves: rhbz#1820662 - CVE-2019-20479 mod_auth_openidc:2.3/mod_auth_openidc:
open redirect issue exists in URLs with slash and
backslash [rhel-8.2.0.z]

OSVersionArchitecturePackageVersionFilename
oracle linux8srccjose< 0.6.1-2.modulecjose-0.6.1-2.module+el8+5139+bcb28322.src.rpm
oracle linux8srcmod_auth_openidc< 2.3.7-4.modulemod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.src.rpm
oracle linux8aarch64cjose< 0.6.1-2.modulecjose-0.6.1-2.module+el8+5139+bcb28322.aarch64.rpm
oracle linux8aarch64cjose-devel< 0.6.1-2.modulecjose-devel-0.6.1-2.module+el8+5139+bcb28322.aarch64.rpm
oracle linux8aarch64mod_auth_openidc< 2.3.7-4.modulemod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.aarch64.rpm
oracle linux8srccjose< 0.6.1-2.modulecjose-0.6.1-2.module+el8+5139+bcb28322.src.rpm
oracle linux8srcmod_auth_openidc< 2.3.7-4.modulemod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.src.rpm
oracle linux8x86_64cjose< 0.6.1-2.modulecjose-0.6.1-2.module+el8+5139+bcb28322.x86_64.rpm
oracle linux8x86_64cjose-devel< 0.6.1-2.modulecjose-devel-0.6.1-2.module+el8+5139+bcb28322.x86_64.rpm
oracle linux8x86_64mod_auth_openidc< 2.3.7-4.modulemod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	cjose	< 0.6.1-2.module	cjose-0.6.1-2.module+el8+5139+bcb28322.src.rpm
oracle linux	8	src	mod_auth_openidc	< 2.3.7-4.module	mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.src.rpm
oracle linux	8	aarch64	cjose	< 0.6.1-2.module	cjose-0.6.1-2.module+el8+5139+bcb28322.aarch64.rpm
oracle linux	8	aarch64	cjose-devel	< 0.6.1-2.module	cjose-devel-0.6.1-2.module+el8+5139+bcb28322.aarch64.rpm
oracle linux	8	aarch64	mod_auth_openidc	< 2.3.7-4.module	mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.aarch64.rpm
oracle linux	8	src	cjose	< 0.6.1-2.module	cjose-0.6.1-2.module+el8+5139+bcb28322.src.rpm
oracle linux	8	src	mod_auth_openidc	< 2.3.7-4.module	mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.src.rpm
oracle linux	8	x86_64	cjose	< 0.6.1-2.module	cjose-0.6.1-2.module+el8+5139+bcb28322.x86_64.rpm
oracle linux	8	x86_64	cjose-devel	< 0.6.1-2.module	cjose-devel-0.6.1-2.module+el8+5139+bcb28322.x86_64.rpm
oracle linux	8	x86_64	mod_auth_openidc	< 2.3.7-4.module	mod_auth_openidc-2.3.7-4.module+el8.2.0+7637+70221d24.3.x86_64.rpm