Advisories » MGASA-2019-0410

Updated apache-mod_auth_openidc packages fix security vulnerability

Publication date: 25 Dec 2019
Modification date: 25 Dec 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-14857

Description

The updated package fixes a security vulnerability:

A flaw was found in mod_auth_openidc before version 2.4.0.1. An open
redirect issue exists in URLs with trailing slashes similar to
CVE-2019-3877 in mod_auth_mellon. (CVE-2019-14857)

References

SRPMS

7/core

apache-mod_auth_openidc-2.3.2-2.1.mga7