Skip to content

Commit c0e1eda

Browse files
committed
2.4.13.2: prevent DoS core dump with OIDCStripCookies; CVE-2023-28625
GHSA-f5xw-rvfr-24qr Signed-off-by: Hans Zandbelt <hans.zandbelt@openidc.com>
1 parent 00b9b8a commit c0e1eda

File tree

2 files changed

+7
-2
lines changed

2 files changed

+7
-2
lines changed

Diff for: ChangeLog

+6-1
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,10 @@
1+
03/28/2023
2+
- CVE-2023-28625: prevent core dump when OIDCStripCookies is set and a crafted Cookie header is supplied
3+
https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr
4+
- release 2.4.13.2
5+
16
03/27/2023
2-
- fix code scanning alerts:
7+
- fix code scanning alerts
38
- bump to 2.4.13.2rc2
49

510
03/24/2023

Diff for: configure.ac

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
AC_INIT([mod_auth_openidc],[2.4.13.2rc2],[hans.zandbelt@openidc.com])
1+
AC_INIT([mod_auth_openidc],[2.4.13.2],[hans.zandbelt@openidc.com])
22

33
AC_SUBST(NAMEVER, AC_PACKAGE_TARNAME()-AC_PACKAGE_VERSION())
44

0 commit comments

Comments
 (0)