[ All 3 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z ]
×

Project mod_auth_openidc-2.4.10-1.el9_6.2

Name mod_auth_openidc
Epoch 0
Version 2.4.10
Release 1.el9_6.2
Website/URL https://github.com/OpenIDC/mod_auth_openidc
License ASL 2.0
Build Time 2025-06-24 09:05:18
Build Host builder-x86-05.inferitos.ru
Summary OpenID Connect auth module for Apache HTTP Server
Repositories AppStream
Description This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
Errata INFSA-2025:9396
× Full screenshot
Found 2 old versions
Packages link
Package Summary SHA-256 checksum
x86_64
mod_auth_openidc-2.4.10-1.el9_6.2.x86_64 OpenID Connect auth module for Apache HTTP Server b74c2c05c8e5e1439be7b91a31630f6fc5182d153e54c9f322a28c22685e5bef download
aarch64
mod_auth_openidc-2.4.10-1.el9_6.2.aarch64 OpenID Connect auth module for Apache HTTP Server 41004c17433a8bb41c608c690c7d030494b1d4c0c3ea2eba285104c2f21ae93e download
src
mod_auth_openidc-2.4.10-1.el9_6.2.src OpenID Connect auth module for Apache HTTP Server 10a06f01447482624d32945a2f097df60b6e943a4ca9de620aa966a292d2b49d download
Changelog link 
* Fri Apr 11 2025 Tomas Halman <thalman@redhat.com> - 2.4.10-1.el9_6.2
Resolves: RHEL-95948 - mod_auth_openidc: DoS via Empty POST in mod_auth_openidc
            with OIDCPreservePost Enabled (CVE-2025-3891)

* Fri Apr 11 2025 Tomas Halman <thalman@redhat.com> - 2.4.10-1.el9_6.1
Resolves: RHEL-86224 - mod_auth_openidc allows OIDCProviderAuthRequestMethod
            POSTs to leak protected data (CVE-2025-31492)

* Fri Apr 12 2024 Tomas Halman <thalman@redhat.com> - 2.4.10-1
Rebase to 2.4.10 version improves `state cookies piling up` problem
  Resolves: RHEL-32450 Race condition in mod_auth_openidc filecache
  Resolves: RHEL-25422 mod_auth_openidc: DoS when using
            `OIDCSessionType client-cookie` and manipulating cookies
            (CVE-2024-24814)

* Mon Apr 24 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-4
Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default