FEDORA-2019-2d8ee47f61

security update in Fedora 30 for mod_auth_mellon

Status: stable 5 months ago

New upstream release 0.14.2 which also fixes CVE-2019-3878 and CVE-2019-3877

Comments 6

This update has been submitted for testing by jhrozek.

This update has been pushed to testing.

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by pwalter.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted 6 months ago
in testing 6 months ago
in stable 5 months ago

Related Bugs 4

00 #1674418 mod_auth_mellon-0.14.2 is available
00 #1691127 mod_auth_mellon: authentication bypass in ECP flow [fedora-all]
00 #1691136 CVE-2019-3878 mod_auth_mellon: authentication bypass in ECP flow [fedora-all]
00 #1691771 CVE-2019-3877 mod_auth_mellon: open redirect in logout url when using URLs with backslashes [fedora-all]

Automated Test Results