ID | 49016 |
Package Name | mod_auth_openidc |
Version | 2.4.9.4 |
Release | 4.el9sopt_901 |
Epoch | |
Source | git+https://gitlab.com/redhat/centos-stream/rpms/mod_auth_openidc#72bec876c107514f2adcb49aecc84e29e0a11944 |
Summary |
Description |
Built by | tdawson |
State |
complete
|
Volume |
DEFAULT |
Started | Thu, 15 Jun 2023 03:02:00 UTC |
Completed | Thu, 15 Jun 2023 03:08:01 UTC |
Task | build (isa9s-packages-optimized-el9sopt, /redhat/centos-stream/rpms/mod_auth_openidc:72bec876c107514f2adcb49aecc84e29e0a11944) |
Extra | {'source': {'original_url': 'git+https://gitlab.com/redhat/centos-stream/rpms/mod_auth_openidc#72bec876c107514f2adcb49aecc84e29e0a11944'}} |
Tags |
|
RPMs |
src | |
|
mod_auth_openidc-2.4.9.4-4.el9sopt_901.src.rpm (info) (download) |
x86_64 |
|
mod_auth_openidc-2.4.9.4-4.el9sopt_901.x86_64.rpm (info) (download)
|
|
mod_auth_openidc-debuginfo-2.4.9.4-4.el9sopt_901.x86_64.rpm (info) (download)
|
|
mod_auth_openidc-debugsource-2.4.9.4-4.el9sopt_901.x86_64.rpm (info) (download)
|
|
Logs |
|
Changelog |
* Mon Apr 24 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-4
Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default
* Tue Apr 11 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-3
- Resolves: rhbz#2184145 - CVE-2023-28625 NULL pointer dereference
when OIDCStripCookies is set and a crafted Cookie header is supplied
* Tue Feb 21 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-2
- Resolves: rhbz#2153656 - CVE-2022-23527 - Open Redirect in
oidc_validate_redirect_url() using tab character
* Tue Nov 30 2021 Tomas Halman <thalman@redhat.com> - 2.4.9.4-1
- Resolves: rhbz#2001852 - CVE-2021-39191 mod_auth_openidc: open redirect
by supplying a crafted URL in the target_link_uri
parameter
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.8.2-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Jul 30 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.4.9.1-1
- Resolves: rhbz#1987223 - CVE-2021-32792 mod_auth_openidc: XSS when using
OIDCPreservePost On [rhel-9.0]
- Resolves: rhbz#1987217 - CVE-2021-32791 mod_auth_openidc: hardcoded
static IV and AAD with a reused key in AES GCM
encryption [rhel-9.0]
- Resolves: rhbz#1987204 - CVE-2021-32786 mod_auth_openidc: open redirect in
oidc_validate_redirect_url() [rhel-9.0]
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.4.8.2-2
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon May 10 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.4.8.2-1
- New upstream release
- Resolves: rhbz#1958466 - mod_auth_openidc-2.4.8.2 is available
* Thu May 06 2021 Jakub Hrozek <jhrozek@redhat.com> - 2.4.7.2-1
- New upstream release
- Resolves: rhbz#1900913 - mod_auth_openidc-2.4.7.2 is available
* Fri Apr 30 2021 Tomas Halman <thalman@redhat.com> - 2.4.4.1-3
- Resolves: rhbz#1951277 - Remove unnecessary LTO patch
|