������apache2-mod_auth_openidc-2.4.17.1-150600.16.17.1��������������������������������������������������<���>�������,���������������������������������������������������*������i�lp9|��k�2�q!Fo�B�4ú<8XCǢ�_?Q\[�BΉVw-PÇ�z!�5tKGIX"� (JVDHB|89Vh]&9Uz$լ�d悤?!g$dC`�<3i*�ޏc �
yk�
�W���.7�pz,R<*r�K�+¡[51�[Bj(`�N[m*v�Yhak(�hھ&"nAv4cqP,jK|}b+���>��������������������>������?��������������d����������������������������������������������������$���������� ���3���������� ���t������������������������������������������������������������������������!��������������B��������������M���������� ���c������������������������������������������������������������������������������� ��������������
���������������������������������������������
������� ���������������(���������������2���������������<���������������x��������������������������������������������������������������������(���������������8���������������9�������d�������:��������������F�������<�������G�������T�������H�������\�������I�������d�������X�������h�������Y�������p�������\��������������]��������������^��������������b��������������c��������������d������� �������e�������%�������f�������(�������l�������*�������u�������@�������v�������H�������w��������������x���������������y�����������
���z�������<��������������L��������������P��������������V������������������C�apache2-mod_auth_openidc�2.4.17.1�150600.16.17.1�Apache2.x module for an OpenID Connect enabled Identity Provider�This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.����i�lxinomavro�������SUSE Linux Enterprise 15�SUSE LLC �Apache-2.0�https://www.suse.com/�Productivity/Networking/Web/Servers�https://github.com/zmartzone/mod_auth_openidc/�linux�ppc64le���������A����i�ii�i�3291853fd7a1f065afacab1c44a7759879ab2dca3cced7e37675b1887224a661�����������root�root�root�root�apache2-mod_auth_openidc-2.4.17.1-150600.16.17.1.src.rpm����apache2-mod_auth_openidc�apache2-mod_auth_openidc(ppc-64)���������@���@���@���@���@���@���@���@���@���@���@���@���@����
���
���
���
����apache_mmn_20120211�libapr-1.so.0()(64bit)�libaprutil-1.so.0()(64bit)�libc.so.6()(64bit)�libc.so.6(GLIBC_2.17)(64bit)�libc.so.6(GLIBC_2.38)(64bit)�libcjose.so.0()(64bit)�libcrypto.so.3()(64bit)�libcrypto.so.3(OPENSSL_3.0.0)(64bit)�libcurl.so.4()(64bit)�libjansson.so.4()(64bit)�libjansson.so.4(libjansson.so.4)(64bit)�libpcre.so.1()(64bit)�libz.so.1()(64bit)�rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)�suse_maintenance_mmn_0���������������3.0.4-1�4.6.0-1�4.0-1�5.2-1��4.14.3��iX@i��@h>g�@f=@f}T@d,�@c@bV@a�F`@`e^_@]{@[v[GZ�Z1�@pgajdos@suse.com�martin.schreiner@suse.com�pgajdos@suse.com�pgajdos@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�danilo.spinella@suse.com�pgajdos@suse.com�kstreitova@suse.com�kstreitova@suse.com�kstreitova@suse.com�kstreitova@suse.com�vcizek@suse.com�christof.hanke@mpcdf.mpg.de�- actually run the testsuite [jsc#PED-14130]�- Update to 2.4.17.1 (bsc#1248806 / PED-14130).
- Remove patches, as they've been merged upstream:
* apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch
* apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch
* apache2-mod_auth_openidc-CVE-2025-31492.patch
* apache2-mod_auth_openidc-CVE-2025-3891.patch
* fix-CVE-2021-32785.patch
* fix-CVE-2021-32786.patch
* fix-CVE-2021-32791.patch
* fix-CVE-2021-32792-1.patch
* fix-CVE-2021-32792-2.patch
* fix-CVE-2021-39191.patch
* fix-CVE-2022-23527-0.patch
* fix-CVE-2022-23527-1.patch
* fix-CVE-2022-23527-2.patch
* fix-CVE-2022-23527-3.patch
* fix-CVE-2023-28625.patch
* fix-CVE-2024-24814.patch
* harden-refresh-token-request.patch�- security update
- added patches
CVE-2025-3891 [bsc#1242015], denial of service via an empty POST request when OIDCPreservePost is enabled
+ apache2-mod_auth_openidc-CVE-2025-3891.patch�- security update
- added patches
fix CVE-2025-31492 [bsc#1240893], OIDCProviderAuthRequestMethod POSTs can leak protected data
+ apache2-mod_auth_openidc-CVE-2025-31492.patch
- enable the testsuite�- Fix apxs2 binary location, which made the library file be installed in root folder,
bsc#1227261�- Fix CVE-2024-24814, DoS when `OIDCSessionType client-cookie` is set
and a crafted Cookie header is supplied, bsc#1219911
* fix-CVE-2024-24814.patch�- Fix CVE-2023-28625, NULL pointer dereference when OIDCStripCookies is
set and a crafted Cookie header is supplied, bsc#1210073
* fix-CVE-2023-28625.patch�- Fix CVE-2022-23527, Open Redirect in oidc_validate_redirect_url() using tab character
(CVE-2022-23527, bsc#1206441)
* fix-CVE-2022-23527-0.patch
* fix-CVE-2022-23527-1.patch
* fix-CVE-2022-23527-3.patch
* fix-CVE-2022-23527-2.patch
- Harden oidc_handle_refresh_token_request function
* harden-refresh-token-request.patch
- Fixes bsc#1199868, mod_auth_openidc not loading�- Fix CVE-2021-39191 open redirect issue in target_link_uri parameter
(CVE-2021-39191, bsc#1190223)
* fix-CVE-2021-39191.patch�- Fix CVE-2021-32791 Hardcoded static IV and AAD with a reused key in AES GCM encryption
(CVE-2021-32791, bsc#1188849)
* fix-CVE-2021-32791.patch
- Fix CVE-2021-32792 XSS when using OIDCPreservePost On
(CVE-2021-32792, bsc#1188848)
* fix-CVE-2021-32792-1.patch
* fix-CVE-2021-32792-2.patch�- Fix CVE-2021-32785 format string bug via hiredis
(CVE-2021-32785, bsc#1188638)
* fix-CVE-2021-32785.patch
- Fix CVE-2021-32786 open redirect in logout functionality
(CVE-2021-32786, bsc#1188639)
* fix-CVE-2021-32786.patch
- Refresh apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch�- require hiredis only for newer distros than SLE-15 [jsc#SLE-11726]�- add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix
open redirect issue that exists in URLs with a slash and
backslash at the beginning [bsc#1164459], [CVE-2019-20479]�- add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix
open redirect issue that exists in URLs with trailing slashes
[bsc#1153666], [CVE-2019-14857]�- submission to SLE15SP1 because of fate#324447
- build with hiredis only for openSUSE where hiredis is available
- add a version for jansson BuildRequires�- update to 2.3.8
- changes in 2.3.8
* fix return result FALSE when JWT payload parsing fails
* add LGTM code quality badges
* fix 3 LGTM alerts
* improve auto-detection of XMLHttpRequests via Accept header
* initialize test_proto_authorization_request properly
* add sanity check on provider->auth_request_method
* allow usage with LibreSSL
* don't return content with 503 since it will turn the HTTP
status code into a 200
* add option to set an upper limit to the number of concurrent
state cookies via OIDCStateMaxNumberOfCookies
* make the default maximum number of parallel state cookies
7 instead of unlimited
* fix using access token as endpoint auth method in
introspection calls
* fix reading access_token form POST parameters when combined
with `AuthType auth-openidc`
- changes in 2.3.7
* abort when string length for remote user name substitution
is larger than 255 characters
* fix Redis concurrency issue when used with multiple vhosts
* add support for authorization server metadata with
OIDCOAuthServerMetadataURL as in RFC 8414
* refactor session object creation
* clear session cookie and contents if cache corruption is detected
* use apr_pstrdup when setting r->user
* reserve 255 characters in remote username substition instead of 50
- changes in 2.3.6
* add check to detect session cache corruption for server-based
caches and cached static metadata
* avoid using pipelining for Redis
* send Basic header in OAuth www-authenticate response if that's
the only accepted method; thanks @puiterwijk
* refactor Redis cache backend to solve issues on AUTH errors:
a) memory leak and b) redisGetReply lagging behind
* adjust copyright year/org
* fix buffer overflow in shm cache key set strcpy
* turn missing session_state from warning into a debug statement
* fix missing "return" on error return from the OP
* explicitly set encryption kid so we're compatible with
cjose >= 0.6.0
- changes in 2.3.5
* fix encoding of preserved POST data
* avoid buffer overflow in shm cache key construction
* compile with with Libressl�- update to 2.3.4
- requested in fate#323817�- initial packaging�xinomavro 1772617836��������������������������������2.4.17.1-150600.16.17.1�2.4.17.1-150600.16.17.1���������apache2�mod_auth_openidc.so�/usr/lib64/�/usr/lib64/apache2/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.suse.de/SUSE:Maintenance:43029/SUSE_SLE-15-SP6_Update/b089199f0ec789a81bda0170079de920-apache2-mod_auth_openidc.SUSE_SLE-15-SP6_Update�drpm�xz�5�ppc64le-suse-linux������������directory�ELF 64-bit LSB shared object, 64-bit PowerPC or cisco 7500, version 1 (SYSV), dynamically linked, BuildID[sha1]=5321641b7a772d92d35edcd0ebfc20d51d94c2b9, stripped�������������������
R���R���R���R���R���R���R�� R���R��
R���R���R��
R���ǥ1+v������utf-8�bc3c8906c4416545225b696f65882fc6f071b757a55984ba65b0ae89bd45ba1a���������?���� ����7zXZ��
���!�����t/���]�"��k%�"5okw@_/.�PS�8=TXe+�_�d�rh YYF-&梌K$H�K�O�F.�O!w|�~��6�$R 9�ŞeM�}�Ktn"vkN8_i)�'XQHÎS@Fft�Cc/5� ^J�@7%Gv~7�|@#L()��~pDɼP
\�\N%�R�E���=&%\9ptt4BϰC~ژ4F&]N�/aeB�u�.kL2&|�G�u*ƩC�yJ+��h7z�^^�zyh<�p
4m\bQ\)M�A�aҎ�͓z&q_-}�$b1�_�3Z�]MG.-j
ZC?٪��ɾ�I?)z
;Q(h^o�EnzGO�JA(
t}KLҎ
..�a�e(2o@A�$ΙtOIAvGsi}Z߷�K^r����o�0%[:�%����6o?p9:_?(Vc#%($ض]G
gX$�Wt�'�(0}$C��xu7tɩRѭ�l]YA$c� �qF�&M3N�?�NjTݫj�F
�"\OmǿWrAZ�.��NO>9�ӅY�^$>�aCݞ�$Tx�Yl(�YA5"
u$P/�4i
a�?�H(8FD;}8W�N'_U�")~PQL�꒓4��pW�<,�mL�&�s<3��SYfF\q��ɀZ`"i8A
�t�s&
D�^Q喙U=�n^�.E�ܴDŽ�>�7i(Nq�ci}�WE*x]Az�_g|=҄�d&ڕ�j�-�`.(PO4%
F�aSjM9j]BR�&>�,�xK���+ /<\t}^%�L>dE w03p)ZM4uy�\FƮ&^psdvM$kZJ�z�66KιntIRIA�qd7���?%�@!N~\,A?|B:ف?d"�s!I^GJ�AJxAH¨]2K4K SUU]�f/R)$_�HֽfX@?dq̆⟍� �$t�J7@�veUSU�:5+3G=
B}Mkbl��jN83nɂ�&�BKZ�BUu�2굉cQ"OګyQ6֫���%���ճ������
YZ