apache2-mod_auth_openidc-2.3.8-150600.16.8.1<>,Eȉg3Vp9|6}$F# sƅOᅑTS<ֻ2F-6( rKAV;'nk'b7I?QhQKӈ?*s1#eOf EBC >ovLh)-욭{ή܍^KwLm5}To+`buP%."7L,\L&Ua l(_`D=$,aZ;JBVd :芎♿£.C3gLi>>?d! / p>I _     $.8px(8$9`:FKG`HhIpXtY|\]^bcd$e)f,l.u@vHwxy z(8<BCapache2-mod_auth_openidc2.3.8150600.16.8.1Apache2.x module for an OpenID Connect enabled Identity ProviderThis module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.g3Vs390zl34\8SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://github.com/zmartzone/mod_auth_openidc/linuxs390x\8Ag3Rg3S9ccdaf152fd573fa3da13a36ca597a18905c86555dc09a41cac181c38047dc83rootrootrootrootapache2-mod_auth_openidc-2.3.8-150600.16.8.1.src.rpmapache2-mod_auth_openidcapache2-mod_auth_openidc(s390-64)@@@@@@@@@@@@@    apache_mmn_20120211libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.38)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcjose.so.0()(64bit)libcrypto.so.3()(64bit)libcrypto.so.3(OPENSSL_3.0.0)(64bit)libcurl.so.4()(64bit)libjansson.so.4()(64bit)libjansson.so.4(libjansson.so.4)(64bit)libpcre.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)suse_maintenance_mmn_03.0.4-14.6.0-14.0-15.2-14.14.3g@f=@f}T@d,@c@bV@aF`@`e^_@]{@[v[GZZ1@pgajdos@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.compgajdos@suse.comkstreitova@suse.comkstreitova@suse.comkstreitova@suse.comkstreitova@suse.comvcizek@suse.comchristof.hanke@mpcdf.mpg.de- security update - added patches fix CVE-2025-31492 [bsc#1240893], OIDCProviderAuthRequestMethod POSTs can leak protected data + apache2-mod_auth_openidc-CVE-2025-31492.patch - enable the testsuite- Fix apxs2 binary location, which made the library file be installed in root folder, bsc#1227261- Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set and a crafted Cookie header is supplied, bsc#1219911 * fix-CVE-2024-24814.patch- Fix CVE-2023-28625, NULL pointer dereference when OIDCStripCookies is set and a crafted Cookie header is supplied, bsc#1210073 * fix-CVE-2023-28625.patch- Fix CVE-2022-23527, Open Redirect in oidc_validate_redirect_url() using tab character (CVE-2022-23527, bsc#1206441) * fix-CVE-2022-23527-0.patch * fix-CVE-2022-23527-1.patch * fix-CVE-2022-23527-3.patch * fix-CVE-2022-23527-2.patch - Harden oidc_handle_refresh_token_request function * harden-refresh-token-request.patch - Fixes bsc#1199868, mod_auth_openidc not loading- Fix CVE-2021-39191 open redirect issue in target_link_uri parameter (CVE-2021-39191, bsc#1190223) * fix-CVE-2021-39191.patch- Fix CVE-2021-32791 Hardcoded static IV and AAD with a reused key in AES GCM encryption (CVE-2021-32791, bsc#1188849) * fix-CVE-2021-32791.patch - Fix CVE-2021-32792 XSS when using OIDCPreservePost On (CVE-2021-32792, bsc#1188848) * fix-CVE-2021-32792-1.patch * fix-CVE-2021-32792-2.patch- Fix CVE-2021-32785 format string bug via hiredis (CVE-2021-32785, bsc#1188638) * fix-CVE-2021-32785.patch - Fix CVE-2021-32786 open redirect in logout functionality (CVE-2021-32786, bsc#1188639) * fix-CVE-2021-32786.patch - Refresh apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch- require hiredis only for newer distros than SLE-15 [jsc#SLE-11726]- add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix open redirect issue that exists in URLs with a slash and backslash at the beginning [bsc#1164459], [CVE-2019-20479]- add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix open redirect issue that exists in URLs with trailing slashes [bsc#1153666], [CVE-2019-14857]- submission to SLE15SP1 because of fate#324447 - build with hiredis only for openSUSE where hiredis is available - add a version for jansson BuildRequires- update to 2.3.8 - changes in 2.3.8 * fix return result FALSE when JWT payload parsing fails * add LGTM code quality badges * fix 3 LGTM alerts * improve auto-detection of XMLHttpRequests via Accept header * initialize test_proto_authorization_request properly * add sanity check on provider->auth_request_method * allow usage with LibreSSL * don't return content with 503 since it will turn the HTTP status code into a 200 * add option to set an upper limit to the number of concurrent state cookies via OIDCStateMaxNumberOfCookies * make the default maximum number of parallel state cookies 7 instead of unlimited * fix using access token as endpoint auth method in introspection calls * fix reading access_token form POST parameters when combined with `AuthType auth-openidc` - changes in 2.3.7 * abort when string length for remote user name substitution is larger than 255 characters * fix Redis concurrency issue when used with multiple vhosts * add support for authorization server metadata with OIDCOAuthServerMetadataURL as in RFC 8414 * refactor session object creation * clear session cookie and contents if cache corruption is detected * use apr_pstrdup when setting r->user * reserve 255 characters in remote username substition instead of 50 - changes in 2.3.6 * add check to detect session cache corruption for server-based caches and cached static metadata * avoid using pipelining for Redis * send Basic header in OAuth www-authenticate response if that's the only accepted method; thanks @puiterwijk * refactor Redis cache backend to solve issues on AUTH errors: a) memory leak and b) redisGetReply lagging behind * adjust copyright year/org * fix buffer overflow in shm cache key set strcpy * turn missing session_state from warning into a debug statement * fix missing "return" on error return from the OP * explicitly set encryption kid so we're compatible with cjose >= 0.6.0 - changes in 2.3.5 * fix encoding of preserved POST data * avoid buffer overflow in shm cache key construction * compile with with Libressl- update to 2.3.4 - requested in fate#323817- initial packagings390zl34 17443848542.3.8-150600.16.8.12.3.8-150600.16.8.1apache2mod_auth_openidc.so/usr/lib64//usr/lib64/apache2/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:38315/SUSE_SLE-15-SP6_Update/2ba48ed6ee7f6350d7f0a188b95fd233-apache2-mod_auth_openidc.SUSE_SLE-15-SP6_Updatedrpmxz5s390x-suse-linuxdirectoryELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=099c357d98ed6324534e91ffa312bcd0807f37c7, stripped R R RRRRRR RR RR R|Z=YFutf-8ab82f68e5a4b6e64d7e7fc22b8700923d4f1333a0c1c6cc8a3e9f7cb14f7cdae? 7zXZ !t/s ӞBЮ3 ,;+x b{7@ CDGAo8}⽥ Q|#qyJj^O.*k~SZ;!Vp}ٙhX"eߢ.D❸L >nxȺc&ˢC#-RB8lH8)Kll[[d7FÏV4M4zSW>އ&N㔛6Pnn}Zf0$P[;ʇ,V( )>uyi|Vs&AD*Yb4s}8HjI8;O=)K{^a(d4 wG\ ÊU_Wu޶CH-?s\~e^ R6pPs 6wp }Ƈ,hS#%6,@:ef)ԘT Qɹßa+$ U mS}%d Qv?ӔۗUJNU=GGfRnuN#ys)o$2+k(N3Ԡ6c->+s25,YDu$5*K`P7aO<ק13A)lq_/ S[ݕU4o8W!f%Њ < u?SDya'ȼKJ_c6r`I!&UGiY@mZ\u8m1H*67@3PDh&g&p U4ia!!DƄ'XW:4ſ;&lد5d_9,PR]Dwr%;)lHx*}yUȁ՜=ԕ儮l߱Dm Y0#hm[;5Q IƱxFLaPc"5γE\e/6fXƁ\v\Bt:0rx' - (6 IA߰\R\$ްڇ0 oaQԭECCo^3B_-*3%({2ggڻJ|(_T%h]ZGwSZ#vjj%Sڳy7"^|,,JΞpu&aumĽKy|q:%;;?j˲CoE-!w2mGԷ&0;]p/*l /\IDp4/}^#7׸1-T0ۓ:BE:סDMTK?jՇdG] Xmnh^$ ̷H=ՐB)jc,ryq|K;[U u-gӂg,Ա<D` uYY&%`͜N|xxhh$ш]!1dTq.6qIgg_{.Uw!YO&J#Wf4qCla\ `˛!p3g.C4_*JKʂ|=t*?`(Jft(u2pRӱP+DEaӓ >C -|kiD QGw7t?2#;~m4lĂ"@3]$ ?szcV+XhjQMx5".H] @enE|(' R揼梳z4GN"Z/>a`fњ[$9Bg _rd!O6э֚~5IفDOoX[r8G@Ht/AXom&2~\@\/z\Ėτ-]#0JןV"tcs>]!]q1Qldu~Haa % ͔j6nyEȍ ƽ!,ܑ$'RHۨkhEe;l\n sf=j#cHyAfEUIt֨:[O4$1j8/\N mŅ!g NxW!Kgb<};_H5aP4^ۡ@MmH-)Dh = @S/߽!Pq\ +!f k X-gNH[/zЗs}\ǃ7՜KURYHHnV mj@Yn=4Y!;/ԿTu\+Pn;4}@ 0T6}}cҭ%v$@x?͚_M #a18lͱW;24]A[fDERSCՇJ+@ՑPi.[jX/^DFY (9Eb-N&΀tͬ{($jTUr] 8jJ_Ҿ܍6:F0UpR-5n@/_՗S PI :j<@{$NO$;##M4xl1͹}½+U)35\3)\O:{/Nܚ%;)㰏e] niQܭJNyH=ZcSLTgC3 R.l Ф% O8ږұdϒ=nߓ353=pt?))(9y3 }P${z%dߟ<}CQ`(C>(}AMڮm睧GKfdANtO^Q1_FBg]n}4*BFmL.1GD=E$ͻ ]ir]:c])1 ϰbojhТrFѠFv]2ѓz &ل*5,]suR Y% <Əg\ZWEj:#q`4{,ކԷ/桢&ӵF2p1jss<[Il` &D+ޙHٷ?c< ?P o"<1ZRqa{:[bzTXjuj{w)6o cYs0,thb2၍7 좱EeahH٣צD99VfҚ\(t,ݤwHғ`n {kop!*w`"%{F\H9#tWR,#א/E%}W81NXxqY&Wy.Su7& dHjکaMN;LYqyApแQB`bWUV,-7_>5ݓ`5uL{~L$) c? e?=~Nr/yPb>{FOF/>L>,Ssw{}L(ԭt$<qj>xIvp#dǩNdAƳjrIM'&tp5@51 S6U-bʾ~E~EJU = pB|*y{ĊKZ67#KG[߹C/ ׳ʔ|Z2Q=CΨ[a+k}k᪵м`ၙC/)q" Y?٥w+3\M6]#B]Ynkb+g4x!ǣskZ^_sHO͢paZN(>V};c/l?oҟcr;?;~5 f2#S93~ZpeJ}̅a3,^!:ODۻZ\k8:reƞCK r"<`cy.y7$POcVxDC=ԿϬ8H RHx(< n=܂pIm~nK J]۬0(G ij%Y/CZSg &&J綐Qŝ,=ˤ/z( zhO?I|=E;Ҕ:8AI=S֡o XM5#x~oy3ԁ @CWfXd_0$AhY#6UcJ OkTLy`oTX /lgj%D-8-mnV,Weh -|d]d'T7 go`!J { jsG#<-S-yOVR;ꣂ*Si5v2TF݉ bŨ,AsѰ2P>䴼BE3詈4: W^>E]ݰqx%f>5:cm|WqdɶŕDʾ{L^3ۚM# XNji⑺W4JU:ǎo|LA~[0(_t/|.4E]l%k;7bZ1IXjmbI77cJam wi_rCCGo#vK1iF@ lIݩy7RZUl5T)3taC|:ےƆ>>/x7E(d 8hz-آ)3sVS8j[`^hY*P5&\Casݩq:OU& v]JUuF cg`>|M7f1ms?G>v4mψ˦ A,6(1\{_o""TieJĶS[`Ox4X X -*I3AwMd: fsˍI7 h@1v+="oߔ^y\$i-Gգj \|gcjQtgRJ Rp8B^6鐢2HTy$ F~JcE{0lJ7GQ;z Ά^,/ I t|ZvAG ⸘zHM@Sj#U1üOMrjLԐ6T"GQGK/ܑ_q9`ILqn2 mć-C_rpGPu3"uz^/9cIs$0r7^6XD10qt9ᬫHkV':T{ 5@Z-i߯oE짳)Q |s`gzYWr`ydEZ6Y&ٌ~ɏ<4G_MTaH/?T: Sԍϕ%)TLsC^˱Ȥ~ -;jB3Q0{'0W$~U-D5FqW ԅ` [|S8P 1&q>G r/Gjc>h 4h%H'ɂ'ך6[o^ O[, FJȱ?ҶGX$oOm\oF>JE!6UD!)|ʊwL,+N!QQ(9w!{ %*60\pUcc& V@U5y1:+Wt#÷U"]k葁 1HW_>{${:̧FՋ%6u լM ?+ޫ$> "8Ƌb@ b ?#QիzϾm ztwf?3-A!)}& ̝9Dm2!YkʼW˭ 4d0l \aӔB<01 >;%YUZ@50`[ ޘAI"U (hN UjkDSf'X*e2@gUjs3ݚ|.L&>)?; 7PG;>3#G9FOjrDSCŁRG6s&`O`-۸4 Md&Ñe΋;y@EF/T U~QAfUuNΤIbu( 'D3wbدn[*oݜ ,4v,P,/@QsG@ㆮ}=5k۬x.m D}vqu*~4$o]W[}8iX^!t|tt1"r%tƖHXBT* T$<&$f^=, >LilŴ$0H  $;YW3]k QemDJdy=Ay IuZ=TiN4q"@ %RSxEi}`I,T?ɜ+ͮbx@j%/_"4|U,˩Pc߿BrS ["͉d ][ 眘?תQf>*F"hm % }D6> NGN:H^eUZǓ>fKp'CʑyY/4pEVp8~*)\g}C^~5*yCY~wYۯTiVyo" ӟ@u#HnȴV^4I! ?pZkJt՚!)]ɮ2-3aDN\_3 vK:Xϴz~fۉ,WCpS'oB=|BX)_sac cewԑwdF uYX7C}nɽiJH-;Pj]ohqSaC3䄼6B}z;lhSC~|h1)C*4 ))!s~50cGUtK+*5Oϋ4Y53A l +T. =S[<?/UKԺgǕ[ؤ%ギ:dRVz]g_'>J}JtBYɂƫQM)Ҵ3k=~g:Ii'fpHyh2>c_Um7a߇PP`Ev%jI %*aiYr'| |t2ZsՐ|%UO: ebtK~c@3ů;oFcI=[#5}LxS YZ