Debian Patches

Status for libapache2-mod-auth-openidc/2.4.12.3-2+deb12u1

Patch Description Author Forwarded Bugs Origin Last update
0001-Fix-CVE-2023-28625-segfault-DoS-when-OIDCStripCookie.patch Fix CVE-2023-28625: segfault DoS when OIDCStripCookies is set Moritz Schlarb <schlarbm@uni-mainz.de> no upstream, https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr 2023-05-02
0002-fix-DoS-CVE-2024-24814.patch [PATCH] release 2.4.15.2: fix DoS CVE-2024-24814
fix CVE-2024-24814: DoS when 'OIDCSessionType client-cookie' is set and
a crafted Cookie header is supplied
https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-hxr6-w4gc-7vvv		 Hans Zandbelt <hans.zandbelt@openidc.com> no 2024-02-06

All known versions for source package 'libapache2-mod-auth-openidc'

Links