ELSA-2019-3421 -- Oracle mod_auth_mellonID: oval:org.secpod.oval:def:1504009 | Date: (C)2021-01-10 (M)2023-12-20 |
Class: PATCH | Family: unix |
[0.14.0-9] - Just bump the release number - Related: rhbz#1718238 - mod_auth_mellon-diagnostics RPM not in product listings [0.14.0-8] - Resolves: rhbz#1691894 - [RFE] Config option to change mod_auth_mellon prefix [0.14.0-7] - Apply the patch from the previous commit - Resolves: rhbz#1692471 - CVE-2019-3877 appstream/mod_auth_mellon: open redirect in logout url when using URLs with backslashes [rhel-8] [0.14.0-6] - Resolves: rhbz#1692471 - CVE-2019-3877 appstream/mod_auth_mellon: open redirect in logout url when using URLs with backslashes [rhel-8] [0.14.0-5] - Resolves: rhbz#1692457 - CVE-2019-3878 mod_auth_mellon: authentication bypass in ECP flow [rhel-8.1.0] [0.14.0-4] - Resolves: rhbz#1702695 - fresh install of mod_auth_mellon shows rpm verification warnings