Hi everyone, I have prepared a backport of the patches for the version packaged in Buster: https://salsa.debian.org/debian/libapache2-mod-auth-openidc/commit/17e31b94a71ef02d1417bee6b0ef7b7379b40375
If you deem necessary and sufficient, please release as a security update or otherwise I'll try to get it in in proposed-updates. Regards, Moritz (another one) On 11.10.19 10:14, Moritz Muehlenhoff wrote: > Package: libapache2-mod-auth-openidc > Severity: grave > Tags: security > > Please see: > https://groups.google.com/forum/#!topic/mod_auth_openidc/boy1Ba3Gdk4 > > https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75 > https://github.com/zmartzone/mod_auth_openidc/commit/ce37080c6aea30aabae8b4a9b4eea7808445cc8e > https://github.com/zmartzone/mod_auth_openidc/pull/451 > > Cheers, > Moritz > > -- Moritz Schlarb Unix-Gruppe | Systembetreuung Zentrum für Datenverarbeitung Johannes Gutenberg-Universität Mainz Raum 01-331 - Tel. +49 6131 39-29441 OpenPGP Fingerprint: DF01 2247 BFC6 5501 AFF2 8445 0C24 B841 C7DD BAAF
signature.asc
Description: OpenPGP digital signature