Stay Secure with the Latest Linux Advisories

security advisoryauthentication issueScientific Linux

Scientific Linux SL7: SLSA-2019-2112-1 Moderate: mod_auth_openidc Issues

mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an "AuthType oauth20" configuration (CVE-2017-6413) * mod_auth_openidc: Shows user-supplied content on error pages (CVE-2017-6059) SL7 x86_64 mod_auth_openidc-1.8.8-5.el7.x86_64.rpm mod_auth_openidc-debuginfo-1.8.8-5.el7.x86_64.rpm - Scientific Linux Development Team. Synopsis: Moderate: mod_auth_openidc security update Advisory ID: SLSA-2019:2112-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2017-6413 CVE-2017-6059 -- Security Fix(es): * mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an "AuthType oauth20" configuration (CVE-2017-6413) * mod_auth_openidc: Shows user-supplied content on error pages (CVE-2017-6059) -- SL7 x86_64 mod_auth_openidc-1.8.8-5.el7.x86_64.rpm mod_auth_openidc-debuginfo-1.8.8-5.el7.x86_64.rpm - Scientific Linux Development Team . Patch released for mod_auth_openidc on Scientific Linux fixing medium-level vulnerabilities related to potential exposure of user-provided data.. mod_auth_openidc, SL7 security, authentication threats, error page issues, Linux updates. . LinuxSecurity.com Team

Aug 26, 2019 Scientific Linux