Hi Peter, I've uploaded from Jammy to Plucky into our security-proposed ppa:
https://launchpad.net/~ubuntu-security- proposed/+archive/ubuntu/ppa/+packages?field.name_filter=libapache&field.status_filter=published&field.series_filter= If you could run some tests that everything looks good, I would appreciate. Focal and bionic I'm still unsure if they are truly vulnerable to it. I will update the bug accordingly when I finalize my thoughts. ** Changed in: libapache2-mod-auth-openidc (Ubuntu Jammy) Status: In Progress => Fix Committed ** Changed in: libapache2-mod-auth-openidc (Ubuntu Noble) Status: In Progress => Fix Committed ** Changed in: libapache2-mod-auth-openidc (Ubuntu Oracular) Status: In Progress => Fix Committed ** Changed in: libapache2-mod-auth-openidc (Ubuntu Plucky) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/2106320 Title: OIDCProviderAuthRequestMethod POST leaks protected data To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libapache2-mod-auth-openidc/+bug/2106320/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
