Package mod_auth_openidc-2.4.10-1.el9_6.2.src
| Name | mod_auth_openidc |
|---|---|
| Epoch | 0 |
| Version | 2.4.10 |
| Release | 1.el9_6.2 |
| Architecture | src |
| Website/URL | https://github.com/OpenIDC/mod_auth_openidc |
| License | ASL 2.0 |
| Build Time | 2025-06-24 09:05:18 |
| Build Host | builder-x86-05.inferitos.ru |
| Summary | OpenID Connect auth module for Apache HTTP Server |
| Repositories | AppStream |
| Description | This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. |
| Errata | — |
| Size | 607 KiB |
| Source Project | mod_auth_openidc-2.4.10-1.el9_6.2 |
| SHA-256 checksum | 10a06f01447482624d32945a2f097df60b6e943a4ca9de620aa966a292d2b49d |
×
![Full screenshot]()
* Fri Apr 11 2025 Tomas Halman <thalman@redhat.com> - 2.4.10-1.el9_6.2
Resolves: RHEL-95948 - mod_auth_openidc: DoS via Empty POST in mod_auth_openidc
with OIDCPreservePost Enabled (CVE-2025-3891)
* Fri Apr 11 2025 Tomas Halman <thalman@redhat.com> - 2.4.10-1.el9_6.1
Resolves: RHEL-86224 - mod_auth_openidc allows OIDCProviderAuthRequestMethod
POSTs to leak protected data (CVE-2025-31492)
* Fri Apr 12 2024 Tomas Halman <thalman@redhat.com> - 2.4.10-1
Rebase to 2.4.10 version improves `state cookies piling up` problem
Resolves: RHEL-32450 Race condition in mod_auth_openidc filecache
Resolves: RHEL-25422 mod_auth_openidc: DoS when using
`OIDCSessionType client-cookie` and manipulating cookies
(CVE-2024-24814)
* Mon Apr 24 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-4
Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default