-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 16 Apr 2025 10:56:55 +0200
Source: libapache2-mod-auth-openidc
Binary: libapache2-mod-auth-openidc libapache2-mod-auth-openidc-dbgsym
Architecture: amd64
Version: 2.4.12.3-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-02) <buildd_amd64-x86-ubc-02@buildd.debian.org>
Changed-By: Moritz Schlarb <moschlar@debian.org>
Description:
 libapache2-mod-auth-openidc - OpenID Connect Relying Party implementation for Apache
Closes: 1102413
Changes:
 libapache2-mod-auth-openidc (2.4.12.3-2+deb12u3) bookworm-security; urgency=high
 .
   * Fix CVE-2025-31492
     "protected content leakage when using OIDCProviderAuthRequestMethod POST"
     Backported applicable portions from upstream fix in
     https://github.com/OpenIDC/mod_auth_openidc/commit/b59b8ad63411857090ba1088e23fe414c690c127
     (Closes: #1102413)
Checksums-Sha1:
 4261070b89f1e9440106b8bec70b65a04f53e187 331808 libapache2-mod-auth-openidc-dbgsym_2.4.12.3-2+deb12u3_amd64.deb
 d92cb925648ecfa6166ffd67a9ac5b790b7646ff 8063 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64-buildd.buildinfo
 0a9a86bc70f9407276147be713661b6a722ca431 187208 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64.deb
Checksums-Sha256:
 058e944ee75c898fb2d6873ec836cd1aee7f61a58925ddd1ad0feebe2624c822 331808 libapache2-mod-auth-openidc-dbgsym_2.4.12.3-2+deb12u3_amd64.deb
 873478f35d9485d3d108156f05977d5b5a0e051a06dfb60f4b6b44489f89efe5 8063 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64-buildd.buildinfo
 9cb121d7f8efe89c9c76abf9e44a7342baa95d32b142d65cecbf92af1d8c2cf4 187208 libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64.deb
Files:
 42697352a37b2e46d7a8d5bb1000a277 331808 debug optional libapache2-mod-auth-openidc-dbgsym_2.4.12.3-2+deb12u3_amd64.deb
 be9e86909e2fcc93663ba77cb222335e 8063 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64-buildd.buildinfo
 e035033314d22972c68cfbdf058d430d 187208 httpd optional libapache2-mod-auth-openidc_2.4.12.3-2+deb12u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEc5vuvf2HND40bnI+8IREj/cRiTMFAmf/xZIACgkQ8IREj/cR
iTPMihAAvAUghJkyFyxVRVuPW4lh9/8ZskGRR6S9AI6iqcOOJI88MI0USFPuPfiZ
GekyH0SuAfqVEweIEZmtN1QdKIxCJ+H4D2Wdy4rxwHfmSLBx1w9xRZM4V7pIvUqI
6O9MZSobAR9kfkCZnprTM4P22M6x1yhjPU0abeg56e7RY8weV0vK+wwl73FOkkRj
PFCQr4M4h/+zqS7FgI7xB/Lr0OCDtAf+bZ9K0j8qUYafdeuTLWXifPgKDBthnJ98
BsE2mXbceGteJKIP0U7XgpDdgz4oYmYASuj6ZsAQYBvYPqEDoUZo6pruRKJZmq/k
u3l7trU+TPtZuz//BH7w1CJ7gu0azfK3kAMt69oLqsNOt7WoukZEM86jb7LlSK7Q
qcyNkeHgLiE7nd3PRe+PtO5R6suiQOYrknP+T+/tFwQGlUI8NidY13i+WtdRTUZg
7n3N8ViTXNA7bG+2Q0RsJ8GvqSIrn3YVj416JN1IqSDBumXZQL5NyeOrgIb4Figo
D5QbXOe9hqXyPd6m1OBHbkRpltfPzRX9uCDPOzx8ukcoHOMkwMKmVPDo53IxEI7H
58KLWqJ0f+CLMui4ojo3HQjgXCGmDbhpD6aUKnOa/ENFTTgD8HXHXd3iV1/zcN4P
GZ+SmBlMJ7gDNbeOuwJw0d+rhPpQ0sm1wap7reLGmF+5cZx7qXo=
=fVxB
-----END PGP SIGNATURE-----