Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1

To: Salvatore Bonaccorso <carnil@debian.org>, 945578@bugs.debian.org
Cc: Moritz Schlarb <schlarbm@uni-mainz.de>
Subject: Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 05 Aug 2022 20:33:36 +0100
Message-id: <[🔎] 0476a5f7f79c46fec9d4fb521001fb61ca413207.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 945578@bugs.debian.org
In-reply-to: <YF2Zsn8V95c0kFPe@eldamar.lan>
References: <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <3b187eef6b28ea901344d2089dc4ca72dc94d892.camel@adam-barratt.org.uk> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <20200731082513.GA575110@eldamar.local> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <YF2Zsn8V95c0kFPe@eldamar.lan> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE>

On Fri, 2021-03-26 at 09:22 +0100, Salvatore Bonaccorso wrote:
> Hi Moritz,
> 
> On Fri, Jul 31, 2020 at 10:25:13AM +0200, Salvatore Bonaccorso wrote:
> > Hi Moritz,
> > 
> > On Tue, Jan 28, 2020 at 10:43:25PM +0000, Adam D. Barratt wrote:
> > > Control: tags -1 + confirmed
> > > 
> > > On Wed, 2019-11-27 at 11:18 +0100, Moritz Schlarb wrote:
> > > > Fixes CVE-2019-14857 (Open redirect in logout url when using
> > > > URLs
> > > > with backslashes) by improving validation of the post-logout
> > > > URL
> > > > parameter (backported from upstream, see 
> > > > https://salsa.debian.org/debian/libapache2-mod-
> > > > auth-openidc/commit/17e31b94a71ef02d1417bee6b0ef7b7379b40375)
> > > > 
> > > 
> > > Please go ahead; sorry for the delay.
> > 
> > Friendly ping on the acknowledgement from Adam. Moritz did you
> > recieved it? Can you upload for the 10.6 point release?
> 
> Friendly ping for the inclusion in the 10.10 point release. Did you
> got the above conversation?

Ping? We're in the process of organising the final point release for
buster, as support for it transitions over to the LTS team, so if you
would still like to fix it via pu then the upload needs to happen soon.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1
  - From: Moritz Schlarb <schlarbm@uni-mainz.de>

Prev by Date: Bug#942464: Fwd: Re: Bug#941626: Bug#942464: buster-pu: package haveged/1.9.1-7
Next by Date: Bug#990372: buster-pu: package feature-check/0.2.2-3
Previous by thread: Bug#942464: Fwd: Re: Bug#941626: Bug#942464: buster-pu: package haveged/1.9.1-7
Next by thread: Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1
Index(es):
- Date
- Thread