������apache2-mod_auth_openidc-2.4.17.1-150600.16.17.1��������������������������������������������������<���>�������,���������������������������������������������������*X�����i�Mp9|��t��VY<9t�Nm۱W*�]WRt9J7,:iQ�*q!T2~4Y% `?�,0.Oo?�;VrcsTch�ܷtO*��/��H�PQlgL_8؇(���+Əf��RT-[���;o�*S��^n`dQ`,R5W(@GgOn��rܭ^�Tg+~|��EV#��ApmY˗�
.;T����>��������������������>������?��������������d����������������������������������������������������$���������� ���3���������� ���t������������������������������������������������������������������������!��������������B��������������M���������� ���c������������������������������������������������������������������������������� ��������������
���������������������������������������������
������� ���������������(���������������2���������������<���������������x�������������������������������������������������������������9�������(�������f�������8�������p�������9��������������:�������A�������F��������������G��������������H��������������I��������������X��������������Y��������������\��������������]��������������^���������������b�������8�������c��������������d�������t�������e�������y�������f�������|�������l�������~�������u��������������v��������������w�������8�������x�������@�������y�������H�������z�������������������������������������������������������������������C�apache2-mod_auth_openidc�2.4.17.1�150600.16.17.1�Apache2.x module for an OpenID Connect enabled Identity Provider�This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.����i�Mh04-armsrv2��
�SUSE Linux Enterprise 15�SUSE LLC �Apache-2.0�https://www.suse.com/�Productivity/Networking/Web/Servers�https://github.com/zmartzone/mod_auth_openidc/�linux�aarch64������
�A����i�Ki�K�035d9cf13ccb0c20cd8cc498e91c2e0c87209f0cda49d5b6fa0302efcce6b8f4�����������root�root�root�root�apache2-mod_auth_openidc-2.4.17.1-150600.16.17.1.src.rpm����apache2-mod_auth_openidc�apache2-mod_auth_openidc(aarch-64)�������@���@���@���@���@���@���@���@���@���@���@���@���@���@���@����
���
���
���
����apache_mmn_20120211�ld-linux-aarch64.so.1()(64bit)�ld-linux-aarch64.so.1(GLIBC_2.17)(64bit)�libapr-1.so.0()(64bit)�libaprutil-1.so.0()(64bit)�libc.so.6()(64bit)�libc.so.6(GLIBC_2.17)(64bit)�libc.so.6(GLIBC_2.38)(64bit)�libcjose.so.0()(64bit)�libcrypto.so.3()(64bit)�libcrypto.so.3(OPENSSL_3.0.0)(64bit)�libcurl.so.4()(64bit)�libjansson.so.4()(64bit)�libjansson.so.4(libjansson.so.4)(64bit)�libpcre.so.1()(64bit)�libz.so.1()(64bit)�rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�suse_maintenance_mmn_0�����������������3.0.4-1�4.6.0-1�4.0-1�5.2-1��4.14.3����iX@i��@h>g�@f=@f}T@d,�@c@bV@a�F`@`e^_@]{@[v[GZ�Z1�@pgajdos@suse.com�martin.schreiner@suse.com�pgajdos@suse.com�pgajdos@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�pgajdos@suse.com�kstreitova@suse.com�kstreitova@suse.com�kstreitova@suse.com�kstreitova@suse.com�vcizek@suse.com�christof.hanke@mpcdf.mpg.de�- actually run the testsuite [jsc#PED-14130]�- Update to 2.4.17.1 (bsc#1248806 / PED-14130).
- Remove patches, as they've been merged upstream:
* apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch
* apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch
* apache2-mod_auth_openidc-CVE-2025-31492.patch
* apache2-mod_auth_openidc-CVE-2025-3891.patch
* fix-CVE-2021-32785.patch
* fix-CVE-2021-32786.patch
* fix-CVE-2021-32791.patch
* fix-CVE-2021-32792-1.patch
* fix-CVE-2021-32792-2.patch
* fix-CVE-2021-39191.patch
* fix-CVE-2022-23527-0.patch
* fix-CVE-2022-23527-1.patch
* fix-CVE-2022-23527-2.patch
* fix-CVE-2022-23527-3.patch
* fix-CVE-2023-28625.patch
* fix-CVE-2024-24814.patch
* harden-refresh-token-request.patch�- security update
- added patches
CVE-2025-3891 [bsc#1242015], denial of service via an empty POST request when OIDCPreservePost is enabled
+ apache2-mod_auth_openidc-CVE-2025-3891.patch�- security update
- added patches
fix CVE-2025-31492 [bsc#1240893], OIDCProviderAuthRequestMethod POSTs can leak protected data
+ apache2-mod_auth_openidc-CVE-2025-31492.patch
- enable the testsuite�- Fix apxs2 binary location, which made the library file be installed in root folder,
bsc#1227261�- Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set
and a crafted Cookie header is supplied, bsc#1219911
* fix-CVE-2024-24814.patch�- Fix CVE-2023-28625, NULL pointer dereference when OIDCStripCookies is
set and a crafted Cookie header is supplied, bsc#1210073
* fix-CVE-2023-28625.patch�- Fix CVE-2022-23527, Open Redirect in oidc_validate_redirect_url() using tab character
(CVE-2022-23527, bsc#1206441)
* fix-CVE-2022-23527-0.patch
* fix-CVE-2022-23527-1.patch
* fix-CVE-2022-23527-3.patch
* fix-CVE-2022-23527-2.patch
- Harden oidc_handle_refresh_token_request function
* harden-refresh-token-request.patch
- Fixes bsc#1199868, mod_auth_openidc not loading�- Fix CVE-2021-39191 open redirect issue in target_link_uri parameter
(CVE-2021-39191, bsc#1190223)
* fix-CVE-2021-39191.patch�- Fix CVE-2021-32791 Hardcoded static IV and AAD with a reused key in AES GCM encryption
(CVE-2021-32791, bsc#1188849)
* fix-CVE-2021-32791.patch
- Fix CVE-2021-32792 XSS when using OIDCPreservePost On
(CVE-2021-32792, bsc#1188848)
* fix-CVE-2021-32792-1.patch
* fix-CVE-2021-32792-2.patch�- Fix CVE-2021-32785 format string bug via hiredis
(CVE-2021-32785, bsc#1188638)
* fix-CVE-2021-32785.patch
- Fix CVE-2021-32786 open redirect in logout functionality
(CVE-2021-32786, bsc#1188639)
* fix-CVE-2021-32786.patch
- Refresh apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch�- require hiredis only for newer distros than SLE-15 [jsc#SLE-11726]�- add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix
open redirect issue that exists in URLs with a slash and
backslash at the beginning [bsc#1164459], [CVE-2019-20479]�- add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix
open redirect issue that exists in URLs with trailing slashes
[bsc#1153666], [CVE-2019-14857]�- submission to SLE15SP1 because of fate#324447
- build with hiredis only for openSUSE where hiredis is available
- add a version for jansson BuildRequires�- update to 2.3.8
- changes in 2.3.8
* fix return result FALSE when JWT payload parsing fails
* add LGTM code quality badges
* fix 3 LGTM alerts
* improve auto-detection of XMLHttpRequests via Accept header
* initialize test_proto_authorization_request properly
* add sanity check on provider->auth_request_method
* allow usage with LibreSSL
* don't return content with 503 since it will turn the HTTP
status code into a 200
* add option to set an upper limit to the number of concurrent
state cookies via OIDCStateMaxNumberOfCookies
* make the default maximum number of parallel state cookies
7 instead of unlimited
* fix using access token as endpoint auth method in
introspection calls
* fix reading access_token form POST parameters when combined
with `AuthType auth-openidc`
- changes in 2.3.7
* abort when string length for remote user name substitution
is larger than 255 characters
* fix Redis concurrency issue when used with multiple vhosts
* add support for authorization server metadata with
OIDCOAuthServerMetadataURL as in RFC 8414
* refactor session object creation
* clear session cookie and contents if cache corruption is detected
* use apr_pstrdup when setting r->user
* reserve 255 characters in remote username substition instead of 50
- changes in 2.3.6
* add check to detect session cache corruption for server-based
caches and cached static metadata
* avoid using pipelining for Redis
* send Basic header in OAuth www-authenticate response if that's
the only accepted method; thanks @puiterwijk
* refactor Redis cache backend to solve issues on AUTH errors:
a) memory leak and b) redisGetReply lagging behind
* adjust copyright year/org
* fix buffer overflow in shm cache key set strcpy
* turn missing session_state from warning into a debug statement
* fix missing "return" on error return from the OP
* explicitly set encryption kid so we're compatible with
cjose >= 0.6.0
- changes in 2.3.5
* fix encoding of preserved POST data
* avoid buffer overflow in shm cache key construction
* compile with with Libressl�- update to 2.3.4
- requested in fate#323817�- initial packaging�h04-armsrv2 1772617805������������������������������2.4.17.1-150600.16.17.1�2.4.17.1-150600.16.17.1���������apache2�mod_auth_openidc.so�/usr/lib64/�/usr/lib64/apache2/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.suse.de/SUSE:Maintenance:43029/SUSE_SLE-15-SP6_Update/b089199f0ec789a81bda0170079de920-apache2-mod_auth_openidc.SUSE_SLE-15-SP6_Update�drpm�xz�5�aarch64-suse-linux������������directory�ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, BuildID[sha1]=9ce90dbbe9f5666336edacabb09c8951260dde37, stripped�����������������R���R��
R��
R���R���R���R���R���R���R���R�� R���R���R���R���K
Rpr
����utf-8�e0a17a9be82d6f47b5c6390ea11c39f05131622d0b630f5e2225db31acf488ac���������?���� ����7zXZ��
���!�����t/���]�"��k%�"5okw@_/.�PS�8=TXe+�_�dۺ�U��N\wC�z�6X֊&�.sD&m�g3o���C�0C
NIB�4Z�^̀1 qm�s#
ΰ8(�l)+X)؍eLUg-.}ɴL�X�ł!́sVtE�@l�,ρ�Sҹ�#n$t3
��s-#�mM~�8 ;�m=f˯�:�֍n|
p�j Q3�SK`a˂6Yq�JalH�` �]
=niQ!Eo-�%�r!a�l@��D�s WտXP
|1XCdbo� JZQ�2P(ޕ(ߣ>gaFvM?,~`t:̚Z߽آbR>~p��(�i
lG�1&7
fMѼxeX|~e�kE�:�郲~y"
�ֹ郀-=u:�$�a`XŜ`q�]JkH�bu�KJf�<;:t-��I5L#Z�C���Դ4�x?�U RZ��fhB]sؽh.i/D
>=K`Hm&a;$bqos�3o �qC���q>4
�3{�33գ�C\2rV62rT沢UBc+!AxV�a�)2)ny
{ "&Q݂k16�"fT��Y(Uc(2]s U)
IJS/]A2?lrqN]L[=;%Ql9ȴ��j�\da]p&n�P3� 2�u�xh0Q�۽+/.<�.lS]{�,y[w&o91y|<$=G,X�][}?@}
R\\rG^q*v��qׇ>=���dAvZ��fSU`ŏ9wE�mQb�ZٙtQ��
=�.>5J$d %�D^jvKJp`U*
a28F>D!@�MhZV4
��ʢ<3W4dmtR#�@ ^U:!ʛW�SA;�9Wת)a�}�悷Uׁ �uHQ���Q:GM�?Bs5dj^/iA�l&]P�Y�T�6�MK�GF}��GR�wNl�
\j*JF�l���%����������
YZ