Описание
ELSA-2022-1823: mod_auth_openidc:2.3 security update (MODERATE)
cjose [0.6.1-2]
- fix concatkdf big endian architecture problem. Upstream issue #77.
[0.6.1-1]
- upgrade to latest upstream 0.6.1
[0.5.1-3]
[0.5.1-2]
[0.5.1-1]
- Initial packaging
mod_auth_openidc [2.3.7-11]
- Resolves: rhbz#1987222 - CVE-2021-32792 XSS when using OIDCPreservePost On
[2.3.7-10]
- Resolves: rhbz#1987216 - CVE-2021-32791 hardcoded static IV and AAD with a reused key in AES GCM encryption [rhel-8] (edit)
[2.3.7-9]
- Resolves: rhbz#2001853 - CVE-2021-39191 open redirect by supplying a crafted URL in the target_link_uri parameter
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module mod_auth_openidc:2.3 is enabled
cjose
0.6.1-2.module+el8+5139+bcb28322
cjose-devel
0.6.1-2.module+el8+5139+bcb28322
mod_auth_openidc
2.3.7-11.module+el8.6.0+20572+b6f23e95
Oracle Linux x86_64
Module mod_auth_openidc:2.3 is enabled
cjose
0.6.1-2.module+el8+5139+bcb28322
cjose-devel
0.6.1-2.module+el8+5139+bcb28322
mod_auth_openidc
2.3.7-11.module+el8.6.0+20572+b6f23e95
