Alerts This Week
Warning Icon 1 562
Alerts This Week
Warning Icon 1 562

openSUSE Leap 15.6: Important Security Update for apache2-mod_auth_openidc

opensuse
Calendar Grey December 29, 2025
Dist Opensuse Esm H88
This update addresses 12 vulnerabilities in apache2-mod_auth_openidc for openSUSE, enhancing system security and stability.
An update that solves 12 vulnerabilities and contains one feature can now be installed.

Description

This update for apache2-mod_auth_openidc fixes the following issues:

* Update to 2.4.17.1 (bsc#1248806 / PED-14130).

* Remove many patches, as they've been merged upstream.

Topics%20covered

Topics Covered

security advisory security issue important OpenSUSE feature update apache2-mod_auth_openidc

Patch

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like

YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6

zypper in -t patch openSUSE-SLE-15.6-2025-4532=1 SUSE-2025-4532=1

* Server Applications Module 15-SP6

zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-4532=1

* Server Applications Module 15-SP7

zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-4532=1

Package List

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)

* apache2-mod_auth_openidc-2.4.17.1-150600.16.14.1

* apache2-mod_auth_openidc-debugsource-2.4.17.1-150600.16.14.1

* apache2-mod_auth_openidc-debuginfo-2.4.17.1-150600.16.14.1

* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)

* apache2-mod_auth_openidc-2.4.17.1-150600.16.14.1

* apache2-mod_auth_openidc-debugsource-2.4.17.1-150600.16.14.1

* apache2-mod_auth_openidc-debuginfo-2.4.17.1-150600.16.14.1

* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)

* apache2-mod_auth_openidc-2.4.17.1-150600.16.14.1

* apache2-mod_auth_openidc-debugsource-2.4.17.1-150600.16.14.1

* apache2-mod_auth_openidc-debuginfo-2.4.17.1-150600.16.14.1

References

* bsc#1248806

* jsc#PED-14130

## References:

* https://www.suse.com/security/cve/CVE-2019-14857.html

* https://www.suse.com/security/cve/CVE-2019-20479.html

* https://www.suse.com/security/cve/CVE-2021-32785.html

* https://www.suse.com/security/cve/CVE-2021-32786.html

* https://www.suse.com/security/cve/CVE-2021-32791.html

* https://www.suse.com/security/cve/CVE-2021-32792.html

* https://www.suse.com/security/cve/CVE-2021-39191.html

* https://www.suse.com/security/cve/CVE-2022-23527.html

* https://www.suse.com/security/cve/CVE-2023-28625.html

* https://www.suse.com/security/cve/CVE-2024-24814.html

* https://www.suse.com/security/cve/CVE-2025-31492.html

* https://www.suse.com/security/cve/CVE-2025-3891.html

* https://bugzilla.suse.com/show_bug.cgi?id=1248806

* https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=https%3A%2F%2Fjira.suse.com%2Fbrowse%2FPED-14130

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:4532-1
Release Date: 2025-12-29T13:54:09Z
Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7

Topics%20covered

Topics Covered

security advisory security issue important OpenSUSE feature update apache2-mod_auth_openidc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here