Oval Definition:	oval:org.opensuse.security:def:60383
Revision Date: 2021-10-12 Version: 1 Title: Security update for apache2-mod_auth_openidc (Moderate) Description: This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2021-32785: format string bug via hiredis (bsc#1188638) - CVE-2021-32786: open redirect in logout functionality (bsc#1188639) - CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption (bsc#1188849) - CVE-2021-32792: XSS when using OIDCPreservePost On (bsc#1188848) - CVE-2021-39191: open redirect issue in target_link_uri parameter (bsc#1190223) Family: unix Class: patch Status: Reference(s): 1027519 1055695 1056278 1056280 1056281 1056282 1057358 1083624 1126230 1132665 1133719 1136082 1137832 1138301 1138303 1138734 1144903 1153108 1153158 1153161 1157607 1161096 1162553 1164692 1166238 1168630 1171670 1171921 1171960 1171961 1171963 1188638 1188639 1188848 1188849 1190223 989121 989122 CVE-2009-1273 CVE-2009-3736 CVE-2010-3170 CVE-2011-3389 CVE-2011-3640 CVE-2013-0743 CVE-2013-0791 CVE-2013-1620 CVE-2013-1739 CVE-2013-1740 CVE-2013-5605 CVE-2014-1492 CVE-2014-1568 CVE-2014-1569 CVE-2015-4000 CVE-2015-7181 CVE-2015-7182 CVE-2015-7575 CVE-2015-8946 CVE-2016-1938 CVE-2016-1950 CVE-2016-1978 CVE-2016-1979 CVE-2016-2834 CVE-2016-5285 CVE-2016-6224 CVE-2016-8635 CVE-2016-9074 CVE-2016-9574 CVE-2017-14316 CVE-2017-14317 CVE-2017-14318 CVE-2017-14319 CVE-2017-6318 CVE-2017-8779 CVE-2018-1063 CVE-2019-10161 CVE-2019-10167 CVE-2019-10220 CVE-2019-12749 CVE-2019-17133 CVE-2019-20503 CVE-2020-10753 CVE-2020-1938 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-6819 CVE-2020-6819 CVE-2020-6820 CVE-2020-6820 CVE-2021-32785 CVE-2021-32786 CVE-2021-32791 CVE-2021-32792 CVE-2021-39191 SUSE-SU-2017:2420-1 SUSE-SU-2018:0336-1 SUSE-SU-2018:0926-1 SUSE-SU-2019:2227-1 SUSE-SU-2020:0717-1 SUSE-SU-2020:0725-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:1748-1 SUSE-SU-2021:3352-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information libwavpack1-5.1.0-lp151.5.3 is installed OR libwavpack1-32bit-5.1.0-lp151.5.3 is installed OR wavpack-5.1.0-lp151.5.3 is installed OR wavpack-devel-5.1.0-lp151.5.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information bluez-5.48-lp151.8.3 is installed OR bluez-auto-enable-devices-5.48-lp151.8.3 is installed OR bluez-cups-5.48-lp151.8.3 is installed OR bluez-devel-5.48-lp151.8.3 is installed OR bluez-devel-32bit-5.48-lp151.8.3 is installed OR bluez-test-5.48-lp151.8.3 is installed OR libbluetooth3-5.48-lp151.8.3 is installed OR libbluetooth3-32bit-5.48-lp151.8.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libfreebl3-3.29.5-57 is installed OR libfreebl3-32bit-3.29.5-57 is installed OR libfreebl3-hmac-3.29.5-57 is installed OR libfreebl3-hmac-32bit-3.29.5-57 is installed OR libsoftokn3-3.29.5-57 is installed OR libsoftokn3-32bit-3.29.5-57 is installed OR libsoftokn3-hmac-3.29.5-57 is installed OR libsoftokn3-hmac-32bit-3.29.5-57 is installed OR mozilla-nss-3.29.5-57 is installed OR mozilla-nss-32bit-3.29.5-57 is installed OR mozilla-nss-certs-3.29.5-57 is installed OR mozilla-nss-certs-32bit-3.29.5-57 is installed OR mozilla-nss-sysinit-3.29.5-57 is installed OR mozilla-nss-sysinit-32bit-3.29.5-57 is installed OR mozilla-nss-tools-3.29.5-57 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information dbus-1-1.8.22-29.17 is installed OR dbus-1-x11-1.8.22-29.17 is installed OR libdbus-1-3-1.8.22-29.17 is installed OR libdbus-1-3-32bit-1.8.22-29.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-filters-1.0.58-19.2 is installed OR cups-filters-cups-browsed-1.0.58-19.2 is installed OR cups-filters-foomatic-rip-1.0.58-19.2 is installed OR cups-filters-ghostscript-1.0.58-19.2 is installed OR libqpdf18-7.1.1-3.3 is installed OR qpdf-7.1.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND apache2-mod_auth_openidc-2.4.0-3.23.1 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND apache2-mod_auth_openidc-2.4.0-3.23.1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND haproxy-1.6.11-11.3 is installed
BACK