[ol9_appstream] mod_auth_openidc-2.4.10-1.el9_6.2.aarch64

Name:	mod_auth_openidc
Version:	2.4.10
Release:	1.el9_6.2
Architecture:	aarch64
Group:	Unspecified
Size:	611780
License:	ASL 2.0
RPM:	mod_auth_openidc-2.4.10-1.el9_6.2.aarch64.rpm
Source RPM:	mod_auth_openidc-2.4.10-1.el9_6.2.src.rpm
Build Date:	Mon Jun 23 2025
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	https://github.com/OpenIDC/mod_auth_openidc
Summary:	OpenID Connect auth module for Apache HTTP Server
Description:	This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.

Changelog (Show File list) (Show related packages)

Fri Apr 11 2025 Tomas Halman <thalman@redhat.com> - 2.4.10-1.el9_6.2

Resolves: RHEL-95948 - mod_auth_openidc: DoS via Empty POST in mod_auth_openidc
            with OIDCPreservePost Enabled (CVE-2025-3891)

Fri Apr 11 2025 Tomas Halman <thalman@redhat.com> - 2.4.10-1.el9_6.1

Resolves: RHEL-86224 - mod_auth_openidc allows OIDCProviderAuthRequestMethod
            POSTs to leak protected data (CVE-2025-31492)

Fri Apr 12 2024 Tomas Halman <thalman@redhat.com> - 2.4.10-1

Rebase to 2.4.10 version improves `state cookies piling up` problem
  Resolves: RHEL-32450 Race condition in mod_auth_openidc filecache
  Resolves: RHEL-25422 mod_auth_openidc: DoS when using
            `OIDCSessionType client-cookie` and manipulating cookies
            (CVE-2024-24814)

Mon Apr 24 2023 Tomas Halman <thalman@redhat.com> - 2.4.9.4-4

Resolves: rhbz#2189268 - auth_openidc.conf mode 0640 by default