[Bug 2106320] Re: OIDCProviderAuthRequestMethod POST leaks protected data

Launchpad Bug Tracker Wed, 23 Apr 2025 06:56:42 -0700

This bug was fixed in the package libapache2-mod-auth-openidc -
2.4.15.1-1ubuntu0.1


---------------
libapache2-mod-auth-openidc (2.4.15.1-1ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: Data leak (LP: #2106320)
    - debian/patches/CVE-2025-31492.patch: fix OIDCProviderAuthRequestMethod
    POST
    - CVE-2025-31492

 -- Eduardo Barretto <eduardo.barre...@canonical.com>  Mon, 14 Apr 2025
19:23:44 +0200

** Changed in: libapache2-mod-auth-openidc (Ubuntu Jammy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2106320

Title:
  OIDCProviderAuthRequestMethod POST leaks protected data

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-openidc/+bug/2106320/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2106320] Re: OIDCProviderAuthRequestMethod POST leaks protected data

Reply via email to