������apache2-mod_auth_openidc-2.3.8-150600.16.8.1������������������������������������������������������<���>�������,���������������������������������������������������AT�����g3Op9|��+��f|b㈞9%
$1Ҋ
'�R�+-Ջ�j[h;�7D˒넋aL2@V:�^�sE�̟ͫY~u~]V
>_�A�-�P\+⥌AXO߭�q ev[6>j ��N��X�BwE�G/-*m��
,v4Rn"*xE>�/�;%V�:C�Y3z+�'$*�$k:\/c��Z�zu�%78SC3)U���>��������������������>���@���?�������0�������d����������������������������������������������������!���������� ���/���������� ���p���������������������������������������������������������������������������������������>��������������I���������� ���_������������������������������������������������������������������������������� ��������������
���������������������������������������������
�����������������������$���������������.���������������8���������������p���������������x����������������������������������������������������(��������������8��������������9��������������:�������I�������F��������������G��������������H���������������I���������������X���������������Y���������������\�������@�������]�������H�������^�������d�������b��������������c�������-�������d��������������e��������������f��������������l��������������u��������������v��������������w��������������x��������������y����������
���z���������������������������������������������������������������,����C�apache2-mod_auth_openidc�2.3.8�150600.16.8.1�Apache2.x module for an OpenID Connect enabled Identity Provider�This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.����g3Onebbiolo�������SUSE Linux Enterprise 15�SUSE LLC �Apache-2.0�https://www.suse.com/�Productivity/Networking/Web/Servers�https://github.com/zmartzone/mod_auth_openidc/�linux�ppc64le��������A����g3Lg3L�7d0703845d27e4b856b52aa0488844ab312d0db2f83514ca4a4d245b521640a5�����������root�root�root�root�apache2-mod_auth_openidc-2.3.8-150600.16.8.1.src.rpm����apache2-mod_auth_openidc�apache2-mod_auth_openidc(ppc-64)���������@���@���@���@���@���@���@���@���@���@����
���
���
���
����apache_mmn_20120211�libc.so.6()(64bit)�libc.so.6(GLIBC_2.17)(64bit)�libc.so.6(GLIBC_2.38)(64bit)�libcjose.so.0()(64bit)�libcrypto.so.3()(64bit)�libcrypto.so.3(OPENSSL_3.0.0)(64bit)�libcurl.so.4()(64bit)�libjansson.so.4()(64bit)�libjansson.so.4(libjansson.so.4)(64bit)�libpcre.so.1()(64bit)�rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�suse_maintenance_mmn_0������������3.0.4-1�4.6.0-1�4.0-1�5.2-1��4.14.3��g�@f=@f}T@d,�@c@bV@a�F`@`e^_@]{@[v[GZ�Z1�@pgajdos@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�pgajdos@suse.com�kstreitova@suse.com�kstreitova@suse.com�kstreitova@suse.com�kstreitova@suse.com�vcizek@suse.com�christof.hanke@mpcdf.mpg.de�- security update
- added patches
fix CVE-2025-31492 [bsc#1240893], OIDCProviderAuthRequestMethod POSTs can leak protected data
+ apache2-mod_auth_openidc-CVE-2025-31492.patch
- enable the testsuite�- Fix apxs2 binary location, which made the library file be installed in root folder,
bsc#1227261�- Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set
and a crafted Cookie header is supplied, bsc#1219911
* fix-CVE-2024-24814.patch�- Fix CVE-2023-28625, NULL pointer dereference when OIDCStripCookies is
set and a crafted Cookie header is supplied, bsc#1210073
* fix-CVE-2023-28625.patch�- Fix CVE-2022-23527, Open Redirect in oidc_validate_redirect_url() using tab character
(CVE-2022-23527, bsc#1206441)
* fix-CVE-2022-23527-0.patch
* fix-CVE-2022-23527-1.patch
* fix-CVE-2022-23527-3.patch
* fix-CVE-2022-23527-2.patch
- Harden oidc_handle_refresh_token_request function
* harden-refresh-token-request.patch
- Fixes bsc#1199868, mod_auth_openidc not loading�- Fix CVE-2021-39191 open redirect issue in target_link_uri parameter
(CVE-2021-39191, bsc#1190223)
* fix-CVE-2021-39191.patch�- Fix CVE-2021-32791 Hardcoded static IV and AAD with a reused key in AES GCM encryption
(CVE-2021-32791, bsc#1188849)
* fix-CVE-2021-32791.patch
- Fix CVE-2021-32792 XSS when using OIDCPreservePost On
(CVE-2021-32792, bsc#1188848)
* fix-CVE-2021-32792-1.patch
* fix-CVE-2021-32792-2.patch�- Fix CVE-2021-32785 format string bug via hiredis
(CVE-2021-32785, bsc#1188638)
* fix-CVE-2021-32785.patch
- Fix CVE-2021-32786 open redirect in logout functionality
(CVE-2021-32786, bsc#1188639)
* fix-CVE-2021-32786.patch
- Refresh apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch�- require hiredis only for newer distros than SLE-15 [jsc#SLE-11726]�- add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix
open redirect issue that exists in URLs with a slash and
backslash at the beginning [bsc#1164459], [CVE-2019-20479]�- add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix
open redirect issue that exists in URLs with trailing slashes
[bsc#1153666], [CVE-2019-14857]�- submission to SLE15SP1 because of fate#324447
- build with hiredis only for openSUSE where hiredis is available
- add a version for jansson BuildRequires�- update to 2.3.8
- changes in 2.3.8
* fix return result FALSE when JWT payload parsing fails
* add LGTM code quality badges
* fix 3 LGTM alerts
* improve auto-detection of XMLHttpRequests via Accept header
* initialize test_proto_authorization_request properly
* add sanity check on provider->auth_request_method
* allow usage with LibreSSL
* don't return content with 503 since it will turn the HTTP
status code into a 200
* add option to set an upper limit to the number of concurrent
state cookies via OIDCStateMaxNumberOfCookies
* make the default maximum number of parallel state cookies
7 instead of unlimited
* fix using access token as endpoint auth method in
introspection calls
* fix reading access_token form POST parameters when combined
with `AuthType auth-openidc`
- changes in 2.3.7
* abort when string length for remote user name substitution
is larger than 255 characters
* fix Redis concurrency issue when used with multiple vhosts
* add support for authorization server metadata with
OIDCOAuthServerMetadataURL as in RFC 8414
* refactor session object creation
* clear session cookie and contents if cache corruption is detected
* use apr_pstrdup when setting r->user
* reserve 255 characters in remote username substition instead of 50
- changes in 2.3.6
* add check to detect session cache corruption for server-based
caches and cached static metadata
* avoid using pipelining for Redis
* send Basic header in OAuth www-authenticate response if that's
the only accepted method; thanks @puiterwijk
* refactor Redis cache backend to solve issues on AUTH errors:
a) memory leak and b) redisGetReply lagging behind
* adjust copyright year/org
* fix buffer overflow in shm cache key set strcpy
* turn missing session_state from warning into a debug statement
* fix missing "return" on error return from the OP
* explicitly set encryption kid so we're compatible with
cjose >= 0.6.0
- changes in 2.3.5
* fix encoding of preserved POST data
* avoid buffer overflow in shm cache key construction
* compile with with Libressl�- update to 2.3.4
- requested in fate#323817�- initial packaging�nebbiolo 1744384847������������������������������2.3.8-150600.16.8.1�2.3.8-150600.16.8.1���������apache2�mod_auth_openidc.so�/usr/lib64/�/usr/lib64/apache2/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.suse.de/SUSE:Maintenance:38315/SUSE_SLE-15-SP6_Update/2ba48ed6ee7f6350d7f0a188b95fd233-apache2-mod_auth_openidc.SUSE_SLE-15-SP6_Update�drpm�xz�5�ppc64le-suse-linux������������directory�ELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=f34cdbfea2c34b7b54a2a1c28cef93ec748b7af4, stripped�������������������
R�� R���R���R���R���R���R���R���R��
R���o!f<�����utf-8�da7039d1eed514ad26d6ba71a7be81235e040b709dd6dc09942eb333be73022f���������?���� ����7zXZ��
���!�����t/1!]�"��k%$6"5okw@_/.�PS�8;ot'O�
%�U���5B�q8w뗍,M�Wv}ox�mwr,z�d{�
�o2?�7�$"E�i_7Ӣ|@y^K'ZSqf��c�3�I2�7m��&#Ҕu�}a�[( �xuu�oCv{kn Vp�mhYqb*�A{u:d�qȶkN�r\[�)�zx�]�^vc~##�>N"GjM$n@\3�8�:�#7z۳M>)i%�^4CQm0U&j]Mв(E�/c�BAP7�upV>$E(
G9억R=2*ð)��J� 4�ȳ1U�8w�W�[.Yb|qj
�HFK.ZfT�o54Aܑ�u�Xuq��b@}@%>mBa[�|�SӋpg���@6u���
rZs+.4�k�)t�'vmJL?(SByOkEz
{@Ȼuu|
VCF%F-c���#�vU9�4�E �B��!;vN�EƄx'ѽ[� #h0/fX�j|.Q &S0Pݟ{���lcKpDp>�DÅF�!m|r�`X#ٷ/
�Gӈ|�[�ҡ��˘ �t3!CȳH:͑�I])jcRHWA-�@,I=f�A�Yxb;$T5)߉�%݃ezo�vF~{��}X��;l24A HAD/L>m�HgG���qSl4�zbqJ4i;1y+�V�9u�U
�┊p"9d�ҩ��vp:!N�zGZ|�g�%k_\lbsb_xEara|=P�s'X�ҩV�yctO}�7)M@̝r[�Q} ߋ1Rქi=wXhΗB+�'�!!1|tiF$jv8l1[٧7s��J*Ϸ�ɛc2 1XEl?xX�W=J�2�=ijRD%"O_5"P=�;�Bk�ʖ�~[_"."�zLX9VF�D 9{w{�3
*y6�CD8| �ܣ!ҙ�3�ԥ\EeW'Fj_J�5`Gsc�?^f��iܥX�#kucs�,˳�n3X_.E�E0_;�U�u05Zw/�˲5w�}Mf
PvҀy��YG�C)w' Ԓ2}�]�Vp?-�l6W"GZUD1:ɐPe�\MxS5���͕ �ԦW&Ff2m{fc(U��[6c��PX�cW�/K�}�{�g�L>6�К(�?BfhāvRI*F
DV�yFu
61l�xec�}���E���JB*!�xaP2 E��t/ROU]nt�o8��f8f �'ͪ^M�+8�#Gf ;ù�~Z�f�
_#k}�7�rj�u��UR/l�5e�g=�UDTt3.y`�)L%��w B}-nY�4}1�R&d�&cH�*K=L-V 0��b��Y~H%�`6x8'Pglgk�7eξ��8Z�"Gil�\0Zԭ}
t!&TJr_�?pl[%I5㭾a��2\��Ճ1+hFHfv�B=�ɱV+>OpMq3g1dۡDoՊHH�
Y�KxD�.Ӌ �?�q�#M)Sh"/&T�h$sY.-? rX s]!d~Cf32��hh�+s%u6\
Y{HH��(Kⶕ�! D8n�'te4BkP�]nhW��-fQ:�^]f�Iժ-bT�˫��c?w55rZrj�'\�v#Tx�j/#�~SH&L/�e��:�_51$Xٿ�a%�g:"ҭ�jm$2Rmd,-7� kLjf!y8ѰmR��7&PCS_j+cpR9N7y�7����͆UFf054qL]$tF�c�:xˋm�거z.}lAݔ�2�m{Cs�bovvjfFc�%z�r:ڙUa�T�I dUT�@Ċ�Ut'�V�z7<��5h`.??~rՃx).3�7�t\
Hu=�G�NBL#izB|�nW>84;�,O4��mo�1�Gޥ,* P3[2%pxQ��+!c�.xe-�6p�Fٯ�T,�g_ٳ؝���Ot6m?_
m8U
MR͒0�\�ègEj8 �bs�TS���X`t�Q� z1s�g_^�>ddjN'.3��;O"AVa��C|�I7Ͻ0S����'<$V"AE�&>I�u@4E(�7ގ8 �Eg�%��tw17(V{S��oQYb&Pq�UAPxXܸ$y-$D˪g�ZQ#)*vkY Aso٥|ra�^qϫ3uz=ci�u\ͫfO`(e�+2�b���[sQ
}k:�O�u���sTJ ض_!v e}x� ��OR~Ȇ\_70\FЕXs�� G@P
pS\��m�NԶX$nҮ4��)D�<<�HG,T[}a2�-R9OK.䤐�vԅs=xM�g�[a�bD� Q%?CoW��8xW~kkb>�Ҋ֒&��z�OQ
-{"�^t3<�o�R Si
FTBg5Уsi�smHdW$n[zdY\�i>ŗ7�dEQ6NF�W�lNc�DJ:ݨ%gڰX{5`B
����e$/�E9,υ
>-O�2evor-v4�wB2�Y/i�䁵qp]aѸ 4:n�w:AZFU#+�5.+tffafXgU |ah*��yu 54��2iF%.��H[jU#vwAP�OWA%R�o�IB�(gEa7��E5>+yl�O�x�8h�9��8BWj�v3�|&~\_� 3rrԅs^5:roƝ^�Ig\Oi�s�dh��l�h5�bsn ъ?+��+g���tpq�s�=�"z�&�(L)"u1�<�Z�rx?f/P��T
V7hw��k_f(*]Dg�=�M�}u�
.�Cz䡘FH�-$�x|"5 z%X�)owؕE,�u�̸_I`]W�>r�d.�x(b+"D'&(/n�-W4�G%jG�
�+��k��rO0EФ;�=S: ]�ڽ�8xO;��R0xc9ƎIk ��
̂�mB7
ƍ��^�3dbg�Yۚ> %#�|my�v��9;ieą �,D[PB'��Ad_�H{\y<2�+�k{H�dH�{
)�L�jT&2�ɂ
�~�2�O
`8WG9�@&v
E4n��;O�m��UV~��w'%�X}}w�;,虹zSu[/mpaXVS�^c+ȟ�rfHV t"�=�Cy@s7~˺dXajWkg;�[�(��R/ܧY��x�d/�c<<ţZMZ�^iw/�&8�Q.O6�
]�kf)֘�(d:�î|!vﶔ?wȟ+hiipBBr̀p5@�x#"�4Ix`iẓ Ge{bZN;WP$oZ\ ya�fj
�Q
2Ĥ$P0
G�|�.c 8zEy\/��7l�݈g}`/PVR��"63l�-;[k]~CN�J@ǝ�K�9.�(u2�'�4�?iFacS�M�VՁ�og}0U�7{F?i4qH&?�'d�c펯Y-��l˃�#�<��Y2�y�Nh)wi�jձC*�Tm�n0%˳Mnbb*]!֒1$zҰ;_ s#3���y帧:�^hFh#txۃ�L`�k��>��l]]W�`�}>x/6A�p e��O#�jZ�$Io )/?b;Ws)�)ѓ0�`�럳Zlᗶ�> X0Sg
MtOH�
jU|]8� iw hmi� 3I67&*Y��˕�^?][secCe2f��*6|6g��%44{4�LZy2+y�RC�#�ׯqvLğ�_j�<+c$ކ;<ǙB�:cp�Z�V�n4=^6<&� �hk뱁�-g����0k)E�(x�d��z�5�
=>Zȥ>¢�&Q0Vd*~�'fYOA4� КS�w\].�hT7�;B*�,PQ'MD�^5�>mJI^d�6�ElM�r��@ ս2�W3-tÐ:g�W�<�4ԑ}s��~�HeVצ1{�W�g(v2Y�<
��8I&eˢ,���oc>7q�9&G(xAByc�ď[q��eC|/�{u*G��̤$!z�P/�ϡ�ɬdޙ`Df7tZtٛ8�ѱʊdk`[aS6N4��d'#[��ĉYѽ�-dLbˋgcmGKRtt'S2_`9\DIM)�{'u�9Nog\ԫba`�BۨX�Y�lq�#d����OYs\{I?�i��PCL$ԗzU/O�m�(j(�N
lv�+�c(��lIqE(�4.�؛�)ˡӠAVE,&
IgAuV3#�@d�B&m[&AI�V]4;�fu+�UQ#v;,ÄyQEpeu��8�3�h2`)ݣ
�B.�62ՉwZ>E�EyԻ�:6�H��eP|\E�0pAL">���F*YK�rNk�y�P0<=�Lʟ;C��.Ԛ-r`�E
}fZXƁq11���Bv,jsoWcQz9~��۪CYۄݣ;c$4.��mZ�42���}1.(�Da[v�.{v�* ���B cZ��E�Su4S'\1"��fr|_I2'KrE�M
T-a�%D~d3�E���n�:ڑ`L|8�
��d#~!q�ٟ�羦s$*R���Cc��������
YZ