SUSE-SU-2023:1837-1 -- SLES apache2-mod_auth_openidcID: oval:org.secpod.oval:def:89048796 | Date: (C)2023-06-02 (M)2024-01-02 |
Class: PATCH | Family: unix |
This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . * CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied .
Platform: |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |
Product: |
apache2-mod_auth_openidc |