Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:1837-1

Опубликовано: 13 апр. 2023
Источник: suse-cvrf

Описание

Security update for apache2-mod_auth_openidc

This update for apache2-mod_auth_openidc fixes the following issues:

  • CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url() using tab character (bsc#1206441).
  • CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied (bsc#1210073).

Список пакетов

SUSE Linux Enterprise Server 12 SP4-ESPOS
apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server 12 SP4-LTSS
apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server 12 SP5
apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE OpenStack Cloud 9
apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE OpenStack Cloud Crowbar 9
apache2-mod_auth_openidc-2.4.0-7.9.1

Ссылки

Описание

mod_auth_openidc is an OpenID Certified(tm) authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\t, leading to an open redirect. This issue has been patched in version 2.4.12.2. Users unable to upgrade can mitigate the issue by configuring mod_auth_openidc to only allow redirection when the destination matches a given regular expression with OIDCRedirectURLsAllowed.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP4-ESPOS:apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server 12 SP5:apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-mod_auth_openidc-2.4.0-7.9.1
Ссылки

Описание

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk. Version 2.4.13.2 contains a patch for this issue. As a workaround, avoid using `OIDCStripCookies`.

Затронутые продукты
SUSE Linux Enterprise Server 12 SP4-ESPOS:apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server 12 SP4-LTSS:apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server 12 SP5:apache2-mod_auth_openidc-2.4.0-7.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:apache2-mod_auth_openidc-2.4.0-7.9.1
Ссылки