rpms/mod_auth_openidc
7
0
Fork 0
Code Issues Pull Requests Releases Activity
9 Commits 9 Branches 25 Tags 228 KiB
2ff0b05d11
Commit Graph

9 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tomas Halman
2ff0b05d11 CVE-2024-24814 and race condition in cache handling 
Resolves: RHEL-36492 Race condition in mod_auth_openidc filecache
Resolves: RHEL-25421 mod_auth_openidc: DoS when using
          `OIDCSessionType client-cookie` and manipulating cookies
          (CVE-2024-24814)
 2024-05-15 16:24:29 +02:00
Tomas Halman
59c713543a Dependency on cjose does not work 
Related: rhbz#2141850 - fix cjose version dependency
 2023-04-25 11:33:21 +02:00
Tomas Halman
3c49220310 The access mode and ownership of auth_openidc.conf 
Resolves: rhbz#2141850 - auth_openidc.conf mode 0640 by default
 2023-04-24 22:32:50 +02:00
Tomas Halman
3ee1d030a2 NULL pointer dereference 
Resolves: rhbz#2184144 - CVE-2023-28625 NULL pointer dereference
                         when OIDCStripCookies is set and a crafted
                         Cookie header is supplied
 2023-04-12 12:35:46 +02:00
Tomas Halman
6de18abc5e Fix open redirect using tab character 
Resolves: rhbz#2153659 - CVE-2022-23527 - Open Redirect in
          oidc_validate_redirect_url() using tab character
 2023-03-17 15:22:54 +01:00
James Antill
fea97d7118 Import rpm: 1bc2852ece62e45f4b80b6bac2ef6379340e3876 2023-02-23 20:22:49 -05:00
James Antill
7ecd97c399 Import rpm: 1bc2852ece62e45f4b80b6bac2ef6379340e3876 2023-02-23 13:01:54 -05:00
James Antill
7b3a3e1f42 Convert from sha1 to sha512. 2022-08-31 15:43:32 -04:00
James Antill
9b2995473b Import rpm: 1bc2852ece62e45f4b80b6bac2ef6379340e3876 2022-08-08 12:42:36 -04:00