Download
| Alert*
|
oval:org.secpod.oval:def:506915
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix: * mod_auth_openidc: open redirect in oidc_validate_redirect_url * mod_auth_openidc: ... oval:org.secpod.oval:def:121302 This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. oval:org.secpod.oval:def:4501110 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix: * mod_auth_openidc: open redirect in oidc_validate_redirect_url * mod_auth_openidc: ... oval:org.secpod.oval:def:1505677 cjose [0.6.1-2] - fix concatkdf big endian architecture problem. Upstream issue #77. [0.6.1-1] - upgrade to latest upstream 0.6.1 [0.5.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild [0.5.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [0.5.1-1] - In ... oval:org.secpod.oval:def:2500782 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. oval:org.secpod.oval:def:3300109 SUSE Security Update: Security update for apache2-mod_auth_openidc oval:org.secpod.oval:def:89048200 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . - CVE-2021-39191: Fixed open redirect issue in target_link_uri parameter . oval:org.secpod.oval:def:89045705 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2021-32785: format string bug via hiredis - CVE-2021-32786: open redirect in logout functionality - CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption - CVE-2021-32792: XSS when using OIDCP ... |
