| Release | Version |
|---|---|
| stretch | 2.1.6-1 |
| stretch (security) | 2.1.6-1+deb9u1 |
| buster | 2.3.10.2-1 |
| bullseye | 2.4.4.1-2 |
| sid | 2.4.4.1-2 |
| Bug | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|
| CVE-2019-20479 | fixed | vulnerable (no DSA) | fixed | fixed | A flaw was found in mod_auth_openidc before version 2.4.1. An open red ... |
| CVE-2019-14857 | fixed | vulnerable (no DSA) | fixed | fixed | A flaw was found in mod_auth_openidc before version 2.4.0.1. An open r ... |
| Bug | Description |
|---|---|
| CVE-2021-20718 | mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a de ... |
| CVE-2019-1010247 | ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cr ... |
| CVE-2017-6413 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka ... |
| CVE-2017-6062 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka ... |
| CVE-2017-6059 | Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication ... |
| DSA / DLA | Description |
|---|---|
| DLA-2298-1 | libapache2-mod-auth-openidc - security update |
| DLA-2130-1 | libapache2-mod-auth-openidc - security update |
| DLA-1996-1 | libapache2-mod-auth-openidc - security update |
| DLA-1894-1 | libapache2-mod-auth-openidc - security update |