Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1
- To: 945578@bugs.debian.org
- Cc: Moritz Schlarb <schlarbm@uni-mainz.de>, "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Subject: Bug#945578: buster-pu: package libapache2-mod-auth-openidc/2.3.10.2-1
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Fri, 26 Mar 2021 09:22:10 +0100
- Message-id: <[🔎] YF2Zsn8V95c0kFPe@eldamar.lan>
- Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 945578@bugs.debian.org
- In-reply-to: <20200731082513.GA575110@eldamar.local>
- References: <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <3b187eef6b28ea901344d2089dc4ca72dc94d892.camel@adam-barratt.org.uk> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE> <20200731082513.GA575110@eldamar.local> <157484993164.25129.4626987186182709647.reportbug@schlarb-1.zdv.Uni-Mainz.DE>
Hi Moritz,
On Fri, Jul 31, 2020 at 10:25:13AM +0200, Salvatore Bonaccorso wrote:
> Hi Moritz,
>
> On Tue, Jan 28, 2020 at 10:43:25PM +0000, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> >
> > On Wed, 2019-11-27 at 11:18 +0100, Moritz Schlarb wrote:
> > > Fixes CVE-2019-14857 (Open redirect in logout url when using URLs
> > > with backslashes) by improving validation of the post-logout URL
> > > parameter (backported from upstream, see
> > > https://salsa.debian.org/debian/libapache2-mod-
> > > auth-openidc/commit/17e31b94a71ef02d1417bee6b0ef7b7379b40375)
> > >
> >
> > Please go ahead; sorry for the delay.
>
> Friendly ping on the acknowledgement from Adam. Moritz did you
> recieved it? Can you upload for the 10.6 point release?
Friendly ping for the inclusion in the 10.10 point release. Did you
got the above conversation?
Regards,
Salvatore
Reply to: