Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

mod_auth_openidc-1.8.8-7.el7 RPM for x86_64

From CentOS 7.9.2009 for x86_64 / Packages

Name: mod_auth_openidc Distribution: Unknown
Version: 1.8.8 Vendor: CentOS
Release: 7.el7 Build date: Wed Sep 30 19:06:03 2020
Group: System Environment/Daemons Build host: x86-02.bsys.centos.org
Size: 371587 Source RPM: mod_auth_openidc-1.8.8-7.el7.src.rpm
Packager: CentOS BuildSystem <http://bugs.centos.org>
Url: https://github.com/pingidentity/mod_auth_openidc
Summary: OpenID Connect auth module for Apache HTTP Server
This module enables an Apache 2.x web server to operate as
an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

Provides

Requires

License

ASL 2.0

Changelog

* Mon Mar 16 2020 Jakub Hrozek <jhrozek@redhat.com> - 1.8.8-7
  - Fix a regression in the previous patches
  - Related: rhbz#1805748 - CVE-2019-20479 mod_auth_openidc: open redirect
                            issue exists in URLs with slash and backslash [rhel-7]
* Mon Mar 16 2020 Jakub Hrozek <jhrozek@redhat.com> - 1.8.8-6
  - Resolves: rhbz#1805748 - CVE-2019-20479 mod_auth_openidc: open redirect
                             issue exists in URLs with slash and backslash [rhel-7]
  - Resolves: rhbz#1805067 - CVE-2019-14857 mod_auth_openidc: Open redirect
                             in logout url when using URLs with leading slashes
                             [rhel-7]
* Tue Jan 29 2019 Jakub Hrozek <jhrozek@redhat.com> - 1.8.8-5
  - Resolves: rhbz#1626297 - CVE-2017-6413 mod_auth_openidc: OIDC_CLAIM and
                             OIDCAuthNHeader not skipped in an "AuthType oauth20"
                             configuration [rhel-7]
* Tue Jan 29 2019 Jakub Hrozek <jhrozek@redhat.com> - 1.8.8-4
  - Resolves: rhbz#1626299 - CVE-2017-6059 mod_auth_openidc: Shows
                             user-supplied content on error pages [rhel-7]
* Thu Mar 31 2016 John Dennis <jdennis@redhat.com> - 1.8.8-3
  - fix unit test failure caused by apr_jwe_decrypt_content_aesgcm()
    failing to null terminate decrypted string
    Resolves: bug#1292561 New package: mod_auth_openidc
* Tue Mar 29 2016 John Dennis <jdennis@redhat.com> - 1.8.8-2
  - Add %check to run test
    Resolves: bug#1292561 New package: mod_auth_openidc
* Tue Mar 29 2016 John Dennis <jdennis@redhat.com> - 1.8.8-1
  - Initial import
    Resolves: bug#1292561 New package: mod_auth_openidc

Files

/etc/httpd/conf.d/auth_openidc.conf
/etc/httpd/conf.modules.d/10-auth_openidc.conf
/usr/lib64/httpd/modules/mod_auth_openidc.so
/usr/share/doc/mod_auth_openidc-1.8.8
/usr/share/doc/mod_auth_openidc-1.8.8/AUTHORS
/usr/share/doc/mod_auth_openidc-1.8.8/ChangeLog
/usr/share/doc/mod_auth_openidc-1.8.8/DISCLAIMER
/usr/share/doc/mod_auth_openidc-1.8.8/README.md
/usr/share/licenses/mod_auth_openidc-1.8.8
/usr/share/licenses/mod_auth_openidc-1.8.8/LICENSE.txt
/var/cache/httpd/mod_auth_openidc
/var/cache/httpd/mod_auth_openidc/cache
/var/cache/httpd/mod_auth_openidc/metadata


Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jun 9 13:31:22 2024