SciLinux: SLSA-2019-2112-1 Moderate: mod_auth_openidc on SL7.x x86_64
mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an "AuthType oauth20" configuration (CVE-2017-6413) * mod_auth_openidc: Shows user-supplied content on error pages (...
Summary
Moderate: mod_auth_openidc security update
Security Fixes
* mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an
"AuthType oauth20" configuration (CVE-2017-6413)
* mod_auth_openidc: Shows user-supplied content on error pages
(CVE-2017-6059)
SL7
x86_64
mod_auth_openidc-1.8.8-5.el7.x86_64.rpm
mod_auth_openidc-debuginfo-1.8.8-5.el7.x86_64.rpm
- Scientific Linux Development Team
Severity
Advisory ID: SLSA-2019:2112-1
Issued Date: : 2019-08-06
CVE Numbers: CVE-2017-6413
CVE-2017-6059
