QID 751134

Date Published: 2021-09-16

QID 751134: OpenSUSE Security Update for apache2-mod_auth_openidc (openSUSE-SU-2021:3020-1)

OpenSUSE has released a security update for apache2-mod_auth_openidc to fix the vulnerabilities.

Affected Products:
openSUSE Leap 15.3

Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.

Malicious users could also use this vulnerability to change partial contents or configuration on the system and information disclosure.Denial of service can appear in some cases too.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 5.8 severity.
  • Solution
    Upgrade to the latest packages which contain a patch. To install this OpenSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product.

    To install packages using the command line interface, use the command "yum update".

    Refer to SUSE security advisory openSUSE-SU-2021:3020-1 to address this issue and obtain further details.

    CVEs related to QID 751134

    Software Advisories
    Advisory ID Software Component Link
    openSUSE-SU-2021:3020-1 OpenSuse URL Logo lists.opensuse.org//archives/list/[email protected]/thread/54B4RYNP5L63X2FMX2QCVYB2LGLL42IY/