Oval Definition:oval:org.opensuse.security:def:1631
Revision Date:2021-09-13Version:1
Title:Security update for apache2-mod_auth_openidc (Moderate)
Description:

This update for apache2-mod_auth_openidc fixes the following issues:

- CVE-2021-32785: format string bug via hiredis (bsc#1188638) - CVE-2021-32786: open redirect in logout functionality (bsc#1188639) - CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption (bsc#1188849) - CVE-2021-32792: XSS when using OIDCPreservePost On (bsc#1188848)
Family:unixClass:patch
Status:Reference(s):1093536
1094462
1107874
1109845
1188638
1188639
1188848
1188849
CVE-2017-15108
CVE-2018-10811
CVE-2018-10811
CVE-2018-16151
CVE-2018-16151
CVE-2018-16152
CVE-2018-16152
CVE-2018-17540
CVE-2018-17540
CVE-2018-5388
CVE-2018-5388
CVE-2020-13249
CVE-2021-32785
CVE-2021-32786
CVE-2021-32791
CVE-2021-32792
SUSE-SU-2019:3056-1
SUSE-SU-2021:3020-1
Platform(s):SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 15 SP2
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Containers 15
SUSE Linux Enterprise Module for Desktop Applications 15
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP2
SUSE Linux Enterprise Module for Development Tools 15
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP3
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Storage 7
SUSE Linux Enterprise Storage 7.1
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 15
SUSE Manager Proxy 4.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.1
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND kernel-zfcpdump-3.12.36-38.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libXRes1-1.0.7-3 is installed
  • OR libXRes1-32bit-1.0.7-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • NetworkManager-1.0.12-8 is installed
  • OR NetworkManager-lang-1.0.12-8 is installed
  • OR libnm-glib-vpn1-1.0.12-8 is installed
  • OR libnm-glib4-1.0.12-8 is installed
  • OR libnm-util2-1.0.12-8 is installed
  • OR libnm0-1.0.12-8 is installed
  • OR typelib-1_0-NM-1_0-1.0.12-8 is installed
  • OR typelib-1_0-NMClient-1_0-1.0.12-8 is installed
  • OR typelib-1_0-NetworkManager-1_0-1.0.12-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-70 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-70 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed
  • AND spice-vdagent-0.19.0-1.62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 is installed
  • AND Package Information
  • cluster-md-kmp-default-4.12.14-25.22 is installed
  • OR dlm-kmp-default-4.12.14-25.22 is installed
  • OR gfs2-kmp-default-4.12.14-25.22 is installed
  • OR kernel-default-4.12.14-25.22 is installed
  • OR ocfs2-kmp-default-4.12.14-25.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • ctdb-4.9.5+git.187.71edee57d5a-3.9 is installed
  • OR samba-4.9.5+git.187.71edee57d5a-3.9 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Module for Server Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Linux Enterprise Storage 7.1 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND apache2-mod_auth_openidc-2.3.8-3.15.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • strongswan-5.6.0-4.3 is installed
  • OR strongswan-doc-5.6.0-4.3 is installed
  • OR strongswan-hmac-5.6.0-4.3 is installed
  • OR strongswan-ipsec-5.6.0-4.3 is installed
  • OR strongswan-libs0-5.6.0-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 is installed
  • AND Package Information
  • containerd-1.1.2-5.3 is installed
  • OR docker-18.06.1_ce-6.8 is installed
  • OR docker-bash-completion-18.06.1_ce-6.8 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-4.3 is installed
  • OR docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-6.3 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2664_3ac297bc7fd0-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.12 is installed
  • OR libavcodec57-3.4.2-4.12 is installed
  • OR libavutil-devel-3.4.2-4.12 is installed
  • OR libavutil55-3.4.2-4.12 is installed
  • OR libpostproc-devel-3.4.2-4.12 is installed
  • OR libpostproc54-3.4.2-4.12 is installed
  • OR libswresample-devel-3.4.2-4.12 is installed
  • OR libswresample2-3.4.2-4.12 is installed
  • OR libswscale-devel-3.4.2-4.12 is installed
  • OR libswscale4-3.4.2-4.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • wireshark-2.4.15-3.28 is installed
  • OR wireshark-devel-2.4.15-3.28 is installed
  • OR wireshark-ui-qt-2.4.15-3.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 is installed
  • AND Package Information
  • glibc-2.26-13.3 is installed
  • OR glibc-devel-32bit-2.26-13.3 is installed
  • OR glibc-devel-static-2.26-13.3 is installed
  • OR glibc-utils-2.26-13.3 is installed
  • OR glibc-utils-src-2.26-13.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.64 is installed
  • OR perl-PerlMagick-7.0.7.34-3.64 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed
  • AND Package Information
  • tomcat-9.0.10-3.7 is installed
  • OR tomcat-docs-webapp-9.0.10-3.7 is installed
  • OR tomcat-embed-9.0.10-3.7 is installed
  • OR tomcat-javadoc-9.0.10-3.7 is installed
  • OR tomcat-jsvc-9.0.10-3.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • libmariadb-devel-3.1.8-3.18 is installed
  • OR libmariadb_plugins-3.1.8-3.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 is installed
  • AND jakarta-commons-fileupload-1.1.1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND ppp-2.4.7-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND yast2-3.1.206-37.1.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • bash-devel-4.2-75.2 is installed
  • OR readline-devel-6.2-75.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
  • AND Package Information
  • gcc48-gij-4.8.5-24.1 is installed
  • OR gcc48-gij-32bit-4.8.5-24.1 is installed
  • OR libgcj48-4.8.5-24.1 is installed
  • OR libgcj48-32bit-4.8.5-24.1 is installed
  • OR libgcj48-jar-4.8.5-24.1 is installed
  • OR libgcj_bc1-4.8.5-24.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • ffmpeg-3.4.2-4.12 is installed
  • OR libavcodec-devel-3.4.2-4.12 is installed
  • OR libavformat-devel-3.4.2-4.12 is installed
  • OR libavformat57-3.4.2-4.12 is installed
  • OR libavresample-devel-3.4.2-4.12 is installed
  • OR libavresample3-3.4.2-4.12 is installed
    • BACK