FEDORA-2023-02c84fe305
Packages in this update:
mod_auth_openidc-2.4.12.3-2.fc39
Update description:
Automatic update for mod_auth_openidc-2.4.12.3-2.fc39.
Changelog
* Tue Mar 7 2023 Tomas Halman <thalman@redhat.com> – 2.4.12.3-2
migrated to SPDX license
* Tue Feb 28 2023 Tomas Halman <thalman@redhat.com> – 2.4.12.3-1
Rebase to 2.4.12.3 version
– Resolves: rhbz#2164064 – mod_auth_openidc-2.4.12.3 is available
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> – 2.4.12.2-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Fri Dec 16 2022 Tomas Halman <thalman@redhat.com> – 2.4.12.2-1
Rebase to 2.4.12.2 version
– Resolves: rhbz#2153658 – CVE-2022-23527 mod_auth_openidc: Open Redirect in
oidc_validate_redirect_url() using tab character
* Thu Sep 22 2022 Tomas Halman <thalman@redhat.com> – 2.4.11.2-3
– Resolves: rhbz#2128328 – Port pcre dependency to pcre2
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> – 2.4.11.2-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jun 23 2022 Tomas Halman <thalman@redhat.com> – 2.4.11.2-1
– Resolves: rhbz#2082376 – New version 2.4.11.2 available
* Mon Apr 11 2022 Tomas Halman <thalman@redhat.com> – 2.4.11.1-1
– Resolves: rhbz#1996926 – New version 2.4.11.1 available
* Thu Mar 31 2022 Tomas Halman <thalman@redhat.com> – 2.4.9.4-1
– Resolves: rhbz#2001647 – CVE-2021-39191 mod_auth_openidc: open redirect
by supplying a crafted URL in the target_link_uri
parameter
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> – 2.4.9.1-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> – 2.4.9.1-2
– Rebuilt with OpenSSL 3.0.0
* Wed Aug 18 2021 Jakub Hrozek <jhrozek@redhat.com> – 2.4.9.1-1
– New upstream release
– Resolves: rhbz#1993566 – mod_auth_openidc-2.4.9.1 is available
* Fri Jul 30 2021 Jakub Hrozek <jhrozek@redhat.com> – 2.4.9-1
– Resolves: rhbz#1985153 – mod_auth_openidc-2.4.9 is available
– Resolves: rhbz#1986103 – CVE-2021-32786 mod_auth_openidc: open redirect
in oidc_validate_redirect_url()
– Resolves: rhbz#1986396 – CVE-2021-32791 mod_auth_openidc: hardcoded
static IV and AAD with a reused key in AES GCM
encryption
– Resolves: rhbz#1986398 – CVE-2021-32792 mod_auth_openidc: XSS when using
OIDCPreservePost On
* Thu Jul 22 2021 Fedora Release Engineering <releng@fedoraproject.org> – 2.4.8.4-2
– Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Wed Jun 2 2021 Jakub Hrozek <jhrozek@redhat.com> – 2.4.8.3-1
– New upstream release
– Resolves: rhbz#1966756 – mod_auth_openidc-2.4.8.3 is available
* Mon May 10 2021 Jakub Hrozek <jhrozek@redhat.com> – 2.4.8.2-1
– New upstream release
– Resolves: rhbz#1958466 – mod_auth_openidc-2.4.8.2 is available
* Thu May 6 2021 Jakub Hrozek <jhrozek@redhat.com> – 2.4.7.2-1
– New upstream release
– Resolves: rhbz#1900913 – mod_auth_openidc-2.4.7.2 is available
* Fri Apr 30 2021 Tomas Halman <thalman@redhat.com> – 2.4.4.1-3
– Remove unnecessary LTO patch