apache2-mod_auth_openidc-2.4.17.1-150600.16.17.1<>,*hip9|0,y;Bus`zfV0ђ>YVRsF┫w\}z,$s%-ۭ ǯ6n4aH?k.!/T?m+ik@nO-q=twK^5Y=z=81yo"AF7WTA\Y\*CJ/u|K8>:7}+ ѝûW^zB|J'q=5cRG=<S^! ~-!KA6U8]Wn Xq4;a[R->> ?d$ 3 t!BM c      (2<xJ(x89:QFGHIXY\]^$bDcdefluvw@xHyPzCapache2-mod_auth_openidc2.4.17.1150600.16.17.1Apache2.x module for an OpenID Connect enabled Identity ProviderThis module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.is390zp34 {SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Productivity/Networking/Web/Servershttps://github.com/zmartzone/mod_auth_openidc/linuxs390x {Aii8ddb513a6aa440fa4096f49ecb0d192c8df72d84b313180db6fee4a56dd63670rootrootrootrootapache2-mod_auth_openidc-2.4.17.1-150600.16.17.1.src.rpmapache2-mod_auth_openidcapache2-mod_auth_openidc(s390-64)@@@@@@@@@@@@@@@@    apache_mmn_20120211libapr-1.so.0()(64bit)libaprutil-1.so.0()(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.38)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcjose.so.0()(64bit)libcrypto.so.3()(64bit)libcrypto.so.3(OPENSSL_3.0.0)(64bit)libcurl.so.4()(64bit)libjansson.so.4()(64bit)libjansson.so.4(libjansson.so.4)(64bit)libpcre.so.1()(64bit)libz.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)suse_maintenance_mmn_03.0.4-14.6.0-14.0-15.2-14.14.3iX@i@h>g@f=@f}T@d,@c@bV@aF`@`e^_@]{@[v[GZZ1@pgajdos@suse.commartin.schreiner@suse.compgajdos@suse.compgajdos@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.comdanilo.spinella@suse.compgajdos@suse.comkstreitova@suse.comkstreitova@suse.comkstreitova@suse.comkstreitova@suse.comvcizek@suse.comchristof.hanke@mpcdf.mpg.de- actually run the testsuite [jsc#PED-14130]- Update to 2.4.17.1 (bsc#1248806 / PED-14130). - Remove patches, as they've been merged upstream: * apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch * apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch * apache2-mod_auth_openidc-CVE-2025-31492.patch * apache2-mod_auth_openidc-CVE-2025-3891.patch * fix-CVE-2021-32785.patch * fix-CVE-2021-32786.patch * fix-CVE-2021-32791.patch * fix-CVE-2021-32792-1.patch * fix-CVE-2021-32792-2.patch * fix-CVE-2021-39191.patch * fix-CVE-2022-23527-0.patch * fix-CVE-2022-23527-1.patch * fix-CVE-2022-23527-2.patch * fix-CVE-2022-23527-3.patch * fix-CVE-2023-28625.patch * fix-CVE-2024-24814.patch * harden-refresh-token-request.patch- security update - added patches CVE-2025-3891 [bsc#1242015], denial of service via an empty POST request when OIDCPreservePost is enabled + apache2-mod_auth_openidc-CVE-2025-3891.patch- security update - added patches fix CVE-2025-31492 [bsc#1240893], OIDCProviderAuthRequestMethod POSTs can leak protected data + apache2-mod_auth_openidc-CVE-2025-31492.patch - enable the testsuite- Fix apxs2 binary location, which made the library file be installed in root folder, bsc#1227261- Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set and a crafted Cookie header is supplied, bsc#1219911 * fix-CVE-2024-24814.patch- Fix CVE-2023-28625, NULL pointer dereference when OIDCStripCookies is set and a crafted Cookie header is supplied, bsc#1210073 * fix-CVE-2023-28625.patch- Fix CVE-2022-23527, Open Redirect in oidc_validate_redirect_url() using tab character (CVE-2022-23527, bsc#1206441) * fix-CVE-2022-23527-0.patch * fix-CVE-2022-23527-1.patch * fix-CVE-2022-23527-3.patch * fix-CVE-2022-23527-2.patch - Harden oidc_handle_refresh_token_request function * harden-refresh-token-request.patch - Fixes bsc#1199868, mod_auth_openidc not loading- Fix CVE-2021-39191 open redirect issue in target_link_uri parameter (CVE-2021-39191, bsc#1190223) * fix-CVE-2021-39191.patch- Fix CVE-2021-32791 Hardcoded static IV and AAD with a reused key in AES GCM encryption (CVE-2021-32791, bsc#1188849) * fix-CVE-2021-32791.patch - Fix CVE-2021-32792 XSS when using OIDCPreservePost On (CVE-2021-32792, bsc#1188848) * fix-CVE-2021-32792-1.patch * fix-CVE-2021-32792-2.patch- Fix CVE-2021-32785 format string bug via hiredis (CVE-2021-32785, bsc#1188638) * fix-CVE-2021-32785.patch - Fix CVE-2021-32786 open redirect in logout functionality (CVE-2021-32786, bsc#1188639) * fix-CVE-2021-32786.patch - Refresh apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch- require hiredis only for newer distros than SLE-15 [jsc#SLE-11726]- add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix open redirect issue that exists in URLs with a slash and backslash at the beginning [bsc#1164459], [CVE-2019-20479]- add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix open redirect issue that exists in URLs with trailing slashes [bsc#1153666], [CVE-2019-14857]- submission to SLE15SP1 because of fate#324447 - build with hiredis only for openSUSE where hiredis is available - add a version for jansson BuildRequires- update to 2.3.8 - changes in 2.3.8 * fix return result FALSE when JWT payload parsing fails * add LGTM code quality badges * fix 3 LGTM alerts * improve auto-detection of XMLHttpRequests via Accept header * initialize test_proto_authorization_request properly * add sanity check on provider->auth_request_method * allow usage with LibreSSL * don't return content with 503 since it will turn the HTTP status code into a 200 * add option to set an upper limit to the number of concurrent state cookies via OIDCStateMaxNumberOfCookies * make the default maximum number of parallel state cookies 7 instead of unlimited * fix using access token as endpoint auth method in introspection calls * fix reading access_token form POST parameters when combined with `AuthType auth-openidc` - changes in 2.3.7 * abort when string length for remote user name substitution is larger than 255 characters * fix Redis concurrency issue when used with multiple vhosts * add support for authorization server metadata with OIDCOAuthServerMetadataURL as in RFC 8414 * refactor session object creation * clear session cookie and contents if cache corruption is detected * use apr_pstrdup when setting r->user * reserve 255 characters in remote username substition instead of 50 - changes in 2.3.6 * add check to detect session cache corruption for server-based caches and cached static metadata * avoid using pipelining for Redis * send Basic header in OAuth www-authenticate response if that's the only accepted method; thanks @puiterwijk * refactor Redis cache backend to solve issues on AUTH errors: a) memory leak and b) redisGetReply lagging behind * adjust copyright year/org * fix buffer overflow in shm cache key set strcpy * turn missing session_state from warning into a debug statement * fix missing "return" on error return from the OP * explicitly set encryption kid so we're compatible with cjose >= 0.6.0 - changes in 2.3.5 * fix encoding of preserved POST data * avoid buffer overflow in shm cache key construction * compile with with Libressl- update to 2.3.4 - requested in fate#323817- initial packagings390zp34 17726181202.4.17.1-150600.16.17.12.4.17.1-150600.16.17.1apache2mod_auth_openidc.so/usr/lib64//usr/lib64/apache2/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:43029/SUSE_SLE-15-SP6_Update/b089199f0ec789a81bda0170079de920-apache2-mod_auth_openidc.SUSE_SLE-15-SP6_Updatedrpmxz5s390x-suse-linuxdirectoryELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=c52148c12be9b92e24029df0cd97b2821cd0897d, strippedRRRRRRR RRR R R R RRR'vQVo5utf-8f9240b34d7f3ef04257e7e8de2f7401db339a4637d7bab08708c75329be6ebde? 7zXZ !t/ ]"k%"5okw@_/.PS8=TXe+_dۜ_ w_H%b*ڃ' tVrd~ѫ5:J`!)(DEYЪx4G%\ j|0n C=r`v!߇昍lȋ[֩,=XI0W pOe>wl834$Cm)5.d7r;J<sY4H}l흌r0U07",'%U_U SoNNRz'B͌ۿ~Wc`4`W@gfeI]Nkaw@qӘ&ڪi^}2,*w1ZD?Gn_Ynv.2Lc)KJo ⽘B+Xw JC736ŠXfQyWE/]۳RT?5jW.汛t֪eulܱP5WhUoT-L Ek&,Ԣ` +`IB)76;ϙW˜Vz6H= е#/|#&3/fﷺ_Wo!X{c{`