-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 16 Apr 2025 10:56:55 +0200 Source: libapache2-mod-auth-openidc Architecture: source Version: 2.4.12.3-2+deb12u3 Distribution: bookworm-security Urgency: high Maintainer: Moritz Schlarb <schlarbm@uni-mainz.de> Changed-By: Moritz Schlarb <moschlar@debian.org> Closes: 1102413 Changes: libapache2-mod-auth-openidc (2.4.12.3-2+deb12u3) bookworm-security; urgency=high . * Fix CVE-2025-31492 "protected content leakage when using OIDCProviderAuthRequestMethod POST" Backported applicable portions from upstream fix in https://github.com/OpenIDC/mod_auth_openidc/commit/b59b8ad63411857090ba1088e23fe414c690c127 (Closes: #1102413) Checksums-Sha1: f4cf8a960d1085e029d8a05a78ebc867022bdc8f 2321 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3.dsc b9ac80752e9df80a776dd3159c36b89235fcc566 273808 libapache2-mod-auth-openidc_2.4.12.3.orig.tar.gz 685255dca61e4deac0711ce08de4c04ec374f8f0 9312 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3.debian.tar.xz 6906bb7dd0925ab406e526891973a6b97d321d18 8598 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64.buildinfo Checksums-Sha256: 52d111a00bfc122ff8b41b77d4b54790e1ec2244db421b191e9e5d3b85bd0872 2321 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3.dsc a40866cd1a16fdf9f0f5907c6261b8df2c2d8cc503eec66458ea9e90cc26aae9 273808 libapache2-mod-auth-openidc_2.4.12.3.orig.tar.gz b5eb62a8c6f26fd8481a5e074566662c9e3944764aa5ec8f2be9d46d75de3cf8 9312 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3.debian.tar.xz 78a83fd8e823abdd826e0e16054928fdf05560f809fd6dc3deda4b1791cf2797 8598 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64.buildinfo Files: c5aa37d395b2b61ba03d09d9a90e3124 2321 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3.dsc d380369f305e372e643ed64b22630f2f 273808 httpd optional libapache2-mod-auth-openidc_2.4.12.3.orig.tar.gz a2c8b22f2994c893fc078e93e4b1a395 9312 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3.debian.tar.xz cd6dc6797fd695f2600b74153eab735b 8598 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJIBAEBCgAyFiEE3wEiR7/GVQGv8oRFDCS4Qcfduq8FAmf/v6QUHG1vc2NobGFy QGRlYmlhbi5vcmcACgkQDCS4Qcfduq/HLw/+Nvk3lA/p0LO0hqpqYrA4OOPE0CB9 v4tWaEczO4dVWsYTmxFiu1SAV86jpXTv1SFT1ivKSmZP+DEqhecnx6iRY+YKNxt9 QkOd5I3/cA8xMrIBg2VszgilR67EzoAXt7wdkTkFeHYIpWjVebtM84eChU5S2K6L qP2/S0/GANUDyJxM8uf+SmrZtQjVE4hqnlKZWHOwQ3x3i+z+QufNUv0oiXcBAWH2 Muzcgdf4VgpLuLLAl00hSwPr+faKwy+cytN6IVQ1Aks+gehXTj6KYQEzO27nJIB5 n/x4b8OO46YSGdWl9rMP+Cp6dUEphAZgMX8rvTLWYHeNHeoqDPBsNgVDPr470Z3n kNWiRYUJOBMnMZxQ+DZtMy5Vc9XtA2rIElJ9mbZbJDz8MibJTBPAQQsPzmoBn5mE pz6RB0Va1UglQ898HU/oPXV6WYuds68ByeaeaRnN+unTpB7sL0hx1vbtHLxsLC6U eLYCoRV7PJM/xZLwQQmwUqXS0F8AmutkFBCGEVLKwtnpnxNEYm0vCduLt8thEbFc hlFEkf3O785jabM3OlSg6Y5YmNSco7B4dKDHW7ci6C/5K+AiCoJyhvkcmUTIAkIV lv/gWEerdEP5D1cZDBlqAzTx8xMC1ijZm78D9e4j5BIan9cSV+JtabYQQsHkf8JJ 10xD2EkYo9eISw8= =jVQy -----END PGP SIGNATURE-----
