Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1
Control: tags -1 + confirmed
On Wed, 2019-11-27 at 11:18 +0100, Moritz Schlarb wrote:
> Fixes CVE-2019-14857 (Open redirect in logout url when using URLs
> with backslashes) by improving validation of the post-logout URL
> parameter (backported from upstream, see
> https://salsa.debian.org/debian/libapache2-mod-
> auth-openidc/commit/17e31b94a71ef02d1417bee6b0ef7b7379b40375)
>
Please go ahead; sorry for the delay.
Regards,
Adam
Reply to: