Accepted libapache2-mod-auth-openidc 1.6.0-1+deb8u2 (source amd64) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted libapache2-mod-auth-openidc 1.6.0-1+deb8u2 (source amd64) into oldoldstable
From: Markus Koschany <apo@debian.org>
Date: Mon, 18 Nov 2019 14:00:15 +0000
Message-id: <[🔎] E1iWhZf-0006ql-7i@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 18 Nov 2019 14:40:00 +0100
Source: libapache2-mod-auth-openidc
Binary: libapache2-mod-auth-openidc
Architecture: source amd64
Version: 1.6.0-1+deb8u2
Distribution: jessie-security
Urgency: high
Maintainer: Hans Zandbelt <hzandbelt@pingidentity.com>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 libapache2-mod-auth-openidc - OpenID Connect authentication module for Apache
Changes:
 libapache2-mod-auth-openidc (1.6.0-1+deb8u2) jessie-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2019-14857:
     A security vulnerability was found in libapache2-mod-auth-openidc, the
     OpenID Connect authentication module for the Apache HTTP server.
     Insufficient validatation of URLs leads to an Open Redirect vulnerability.
     An attacker may trick a victim into providing credentials for an OpenID
     provider by forwarding the request to an illegitimate website.
Checksums-Sha1:
 268d70f47668001f7351cce1c9d82c378d24d421 2169 libapache2-mod-auth-openidc_1.6.0-1+deb8u2.dsc
 453169ffd1f8310b0f021a08931f2ca41a93f251 5976 libapache2-mod-auth-openidc_1.6.0-1+deb8u2.debian.tar.xz
 860b211e97bbef363cabf2838771324b47f66ac8 88600 libapache2-mod-auth-openidc_1.6.0-1+deb8u2_amd64.deb
Checksums-Sha256:
 b08209d41dd19c5cffc26f24c0ccfd3363b5c0ee161e316cb80bd1fadc5cbe05 2169 libapache2-mod-auth-openidc_1.6.0-1+deb8u2.dsc
 83edbec34cec31770ce3bea666b6f369dd8d42ba7942fa34fd711097db77c4ab 5976 libapache2-mod-auth-openidc_1.6.0-1+deb8u2.debian.tar.xz
 4faea8405a6f8559a3c23f0509545d945229ae9af67eb723007223b7e9c49b55 88600 libapache2-mod-auth-openidc_1.6.0-1+deb8u2_amd64.deb
Files:
 522c3b999b373e103b0043e1d71aae80 2169 web extra libapache2-mod-auth-openidc_1.6.0-1+deb8u2.dsc
 005304d4d77041f3d3df976d3e680d44 5976 web extra libapache2-mod-auth-openidc_1.6.0-1+deb8u2.debian.tar.xz
 4fa41d0414141c6e6dc238f615f37348 88600 web extra libapache2-mod-auth-openidc_1.6.0-1+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl3SoB5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkhzEP/3qANhRMDybhZIUoMT+aerDNdi72DJ7gXG5B
OTKUTbDxd24NL8rsKWPxUwFMi23XH+vMxS/MPl1uiCNwaBEP7vHn5qN7AnCLIp/E
IOM5zHTIYA8SjYNiBL9zllLsoYiKugozDhNR1J3Tw67ALbHwV89kCfp/Io0Hhx+l
YnEaULxa1Y21SrqK9oyV/YXfavGTZrthKtGWjbQ4ZNqhz73XKt2aUY2jbA5R1NV0
BUOtJA7R1aCPYUNORoKGWpPZrXGsExjtqrXWhwu5vfDZ3E9cVkG0ssb6pQxLNNT6
zjN+27F7vpPXviuzdnQZlX50grd8e1E3nm2WBB3fUliYRW9iz9APT1HrNyTUzbCZ
m37a8ulMMYClFsWYUyaQO3HybFS38b8SxD1MINThgvBTCBgIUDPrTjCoETWRDl0h
+FmAMupL/5JBng4Dos84wiHaE5lFvbXl4voJ/BT7AWVGBQMFFtpScBsXzYc5s3cA
Xig1jIMpK2/mWMs4D9UA0MMi5b3pkcRFzX8hG29a6JVZoT2bv8KunIiY2BXkpGJ9
lUTDIc+TT+40RlnDvEsWv08xd8BM87MTCNwC7tFma9B+kFxmuqN162fk5K9wetOW
nlCyMR4ltnMsitTiei/087h/0uPiB7tX6BK0l3JNJU5j0D0vEbYNZAPr+9BOhD2a
HsbJzhAA
=ocab
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted angular.js 1.2.26-1+deb8u1 (source all) into oldoldstable
Next by Date: Accepted postgresql-9.4 9.4.25-0+deb8u1 (source amd64 all) into oldoldstable
Previous by thread: Accepted angular.js 1.2.26-1+deb8u1 (source all) into oldoldstable
Next by thread: Accepted postgresql-9.4 9.4.25-0+deb8u1 (source amd64 all) into oldoldstable
Index(es):
- Date
- Thread