Описание
Security update for apache2-mod_auth_openidc
This update for apache2-mod_auth_openidc fixes the following issues:
- CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url() using tab character (bsc#1206441).
- CVE-2021-39191: Fixed open redirect issue in target_link_uri parameter (bsc#1190223).
Список пакетов
SUSE Linux Enterprise Module for Server Applications 15 SP4
SUSE Linux Enterprise Real Time 15 SP3
openSUSE Leap 15.4
Ссылки
- Link for SUSE-SU-2023:0215-1
- E-Mail link for SUSE-SU-2023:0215-1
- SUSE Security Ratings
- SUSE Bug 1190223
- SUSE Bug 1199868
- SUSE Bug 1206441
- SUSE CVE CVE-2021-39191 page
- SUSE CVE CVE-2022-23527 page
Описание
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of mod_auth_openidc was reported to be vulnerable to an open redirect attack by supplying a crafted URL in the `target_link_uri` parameter. A patch in version 2.4.9.4 made it so that the `OIDCRedirectURLsAllowed` setting must be applied to the `target_link_uri` parameter. There are no known workarounds aside from upgrading to a patched version.
Затронутые продукты
Ссылки
- CVE-2021-39191
- SUSE Bug 1190223
Описание
mod_auth_openidc is an OpenID Certified(tm) authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed.
Затронутые продукты
Ссылки
- CVE-2022-23527
- SUSE Bug 1206441