Package mod_auth_openidc-2.4.10-1.el9.src
| Name | mod_auth_openidc |
|---|---|
| Epoch | 0 |
| Version | 2.4.10 |
| Release | 1.el9 |
| Architecture | src |
| Website/URL | https://github.com/OpenIDC/mod_auth_openidc |
| License | ASL 2.0 |
| Build Time | 2024-10-08 14:49:37 |
| Build Host | builder-x86-08.inferitos.ru |
| Summary | OpenID Connect auth module for Apache HTTP Server |
| Repositories | AppStream |
| Description | This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. |
| Errata | — |
| Size | 591 KiB |
| Source Project | mod_auth_openidc-2.4.10-1.el9 |
| SHA-256 checksum | 232a53685208983ec5db96fba348267e52a21994fc0e2a4f96f5f56d0362c924 |
×
![Full screenshot]()
* Fri Apr 12 2024 Tomas Halman <thalman@redhat.com> - 2.4.10-1
Rebase to 2.4.10 version improves `state cookies piling up` problem
Resolves: RHEL-32450 Race condition in mod_auth_openidc filecache
Resolves: RHEL-25422 mod_auth_openidc: DoS when using
`OIDCSessionType client-cookie` and manipulating cookies
(CVE-2024-24814)
* Fri Sep 22 2023 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 2.4.9.4-4
- Rebuilt for MSVSphere 9.3 beta
* Mon Apr 24 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-4
Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default
* Tue Apr 11 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-3
- Resolves: rhbz#2184145 - CVE-2023-28625 NULL pointer dereference
when OIDCStripCookies is set and a crafted Cookie header is supplied
* Tue Feb 21 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-2
- Resolves: rhbz#2153656 - CVE-2022-23527 - Open Redirect in
oidc_validate_redirect_url() using tab character