apache2-mod_auth_openidc-2.3.8-lp151.2.6.1<>,<8^pf/=„Ce"`7טd¤= rIdҡe.C&hrOĂN %1[$3lj\\Q=$,:|qO8j%zWBy6~8?̩;wj N[I *U.: }aÃ789tjI/*TrO&t2 #Y*Q3 t_iooGCzhm?]⳯J]C>>?d! - n' @d     LT(89:FTGhHpIxX|Y\]^bcd7e<f?lAuTv\wxy z8HLRCapache2-mod_auth_openidc2.3.8lp151.2.6.1Apache2.x module for an OpenID Connect enabled Identity ProviderThis module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.^pfcloud108openSUSE Leap 15.1openSUSEApache-2.0http://bugs.opensuse.orgProductivity/Networking/Web/Servershttps://github.com/zmartzone/mod_auth_openidc/linuxx86_64A^pe^pe7eaee877d6cf387d4ae332eeef53f29369429a50ad8dc880835f3e87889e4d00rootrootrootrootapache2-mod_auth_openidc-2.3.8-lp151.2.6.1.src.rpmapache2-mod_auth_openidcapache2-mod_auth_openidc(x86-64)@@@@@@@@@@@@@    apache_mmn_20120211libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcjose.so.0()(64bit)libcrypto.so.1.1()(64bit)libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)libcurl.so.4()(64bit)libhiredis.so.0.13()(64bit)libjansson.so.4()(64bit)libpcre.so.1()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)suse_maintenance_mmn_03.0.4-14.6.0-14.0-15.2-14.14.1^_@]{@[v[GZZ1@Kristyna Streitova Kristyna Streitova kstreitova@suse.comkstreitova@suse.comvcizek@suse.comchristof.hanke@mpcdf.mpg.de- add apache2-mod_auth_openidc-2.3.8-CVE-2019-20479.patch to fix open redirect issue that exists in URLs with a slash and backslash at the beginning [bsc#1164459], [CVE-2019-20479]- add apache2-mod_auth_openidc-2.3.8-CVE-2019-14857.patch to fix open redirect issue that exists in URLs with trailing slashes [bsc#1153666], [CVE-2019-14857]- submission to SLE15SP1 because of fate#324447 - build with hiredis only for openSUSE where hiredis is available - add a version for jansson BuildRequires- update to 2.3.8 - changes in 2.3.8 * fix return result FALSE when JWT payload parsing fails * add LGTM code quality badges * fix 3 LGTM alerts * improve auto-detection of XMLHttpRequests via Accept header * initialize test_proto_authorization_request properly * add sanity check on provider->auth_request_method * allow usage with LibreSSL * don't return content with 503 since it will turn the HTTP status code into a 200 * add option to set an upper limit to the number of concurrent state cookies via OIDCStateMaxNumberOfCookies * make the default maximum number of parallel state cookies 7 instead of unlimited * fix using access token as endpoint auth method in introspection calls * fix reading access_token form POST parameters when combined with `AuthType auth-openidc` - changes in 2.3.7 * abort when string length for remote user name substitution is larger than 255 characters * fix Redis concurrency issue when used with multiple vhosts * add support for authorization server metadata with OIDCOAuthServerMetadataURL as in RFC 8414 * refactor session object creation * clear session cookie and contents if cache corruption is detected * use apr_pstrdup when setting r->user * reserve 255 characters in remote username substition instead of 50 - changes in 2.3.6 * add check to detect session cache corruption for server-based caches and cached static metadata * avoid using pipelining for Redis * send Basic header in OAuth www-authenticate response if that's the only accepted method; thanks @puiterwijk * refactor Redis cache backend to solve issues on AUTH errors: a) memory leak and b) redisGetReply lagging behind * adjust copyright year/org * fix buffer overflow in shm cache key set strcpy * turn missing session_state from warning into a debug statement * fix missing "return" on error return from the OP * explicitly set encryption kid so we're compatible with cjose >= 0.6.0 - changes in 2.3.5 * fix encoding of preserved POST data * avoid buffer overflow in shm cache key construction * compile with with Libressl- update to 2.3.4 - requested in fate#323817- initial packagingcloud108 15844573182.3.8-lp151.2.6.12.3.8-lp151.2.6.1apache2mod_auth_openidc.so/usr/lib64//usr/lib64/apache2/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:12125/openSUSE_Leap_15.1_Update/b47f787fdae79a7460ac948bf717ed52-apache2-mod_auth_openidc.openSUSE_Leap_15.1_Updatedrpmxz5x86_64-suse-linuxdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=85e563849b753387bf2512827ffc4ab0a641cf50, stripped RRRRRR R RR RR R R R^c,u^څutf-8940e2fbbb196f0ba7602ca367a86229a2edbc96795179a09ecd2d558a657f58a? 7zXZ !t/B$H]"k%9"5okw@_/.PS8;oͩz.4|j@ PhA/]4A3#hBR珴Tkڡ[Rma ^V++%h,ɥTX ]PXUy+C-_R)evat؏! "0\窏/ԻHsaڰ壙a6zlJgg4ZP& MvU>Q[ }s>E9 `{4h+@AklIBuOA1I1Nk,Jg^<$pv]YbI3Ig p;{>&_hGP8^hVԫy84b9 L}ST T0ױ_f.]ԧYk$;zMZnx|$N -mmgnugH< L_{(?X U[굑 F{ *𜺸\ a>3m^tz ;g0~nrJt'X 8T?řp4q5(LH}`l=;.\jOf;͕QDVf:@թw͡qZ׵=\=`yFn=a;xh r^>Mѱq]#ݯV8 U_'.!@PZ=tUQ$=6?ԋ~kx;75 AV-Kyis)`nVn&#HNkA>݋w=:؝YiHgsΛ;ȭ)7IogWIKwUϒ:ދӜ%&5&V " ځ48>eޓ1pٝW: 7iUk1̘Br.ӳ\Y%Nzn6iL\ tQ>18i= #K>J} ; 0bl,t:?7ӤUHz9ߵeʈM5fʚip 8es] 04=/=?h!* |i2JOA zOEA5Mĭ7G"%am6TH 9 5me3Ig^˞iZ3i:1Z%J辽!loĚijЈlA?ܤYӊk1|3[E0 ye >I}- %򢬝¨,T@RVPh6kmu,ZH_mwؠ<- ͡Dy;JCF>.QeCa76%U'#!h$>b@M|l`B@KR [q0}k5=oQ࿔@%9,=oLibBL@8ܘ($qtOm}ͪԛ>hVk@"lL(Rp 9DoI<9勈3%zu;E=X隣 GP5n!qj w~0k$HHNxSsKӢY5u움S7ڈzjCk䭏M9(Izn"i݁\oȖ箒aYw%\?%}/Dָ'4"\ ͥ Y㍧j !&ތQgF_ aT &>wn)+ {kL8wjdI⿇6W3c-Wxn/2wĺXq3%'.Z,ϕ[ Hl˂ qQgÎ?{GL"+}(J= TRaW`6X-?hoex8XH, r]7AX|eԱS!k=PrMٖ8 52:^WTPd&['v,} =5 9i 5 -F|A@@u<Ɉ_iS%'3A8kD VZ_;ٍŷ0 r92+Ww©S\| ɴ=HG+qVnxO1!@樲Aq(%:,BMh#PgK94|+b \Yd+Qbf7y:Nz]otM%{T6ZpG \2-Ia՘UDE; y6/h 9{C%,A{ӕS65-1G.b婈NPihvGL2D8,Lu??ض~t[QP1H)ӁSne( PSq4GӁl,7}|őr(M\ׄ@Q35,^k ~rcmGgZ󒥍i@ ChysGڜ&oYX$\ E>Ug?}.b.4ZЀ!'5Q_kdS1;ZK<6K^xf,";ia o9Tc @"2OpG\;DoW \@BIJ}cvp82PDX*FS//Xi`g;{w^OsexZn#~`e4ٱjE3 6 5Hpς?-o֭o?VADd?5-I gj6Ф!? VO b* 7Zv̔4\1ezC P^l#hDH#u mwuIPZb&m_i: {>oEvD~ٳ<9H2ɔ:cT\c %&02 cVY/]3*UFΐC"_*JG\PL$֓8h G n5{K@Cv/PQKjrȐa|L%;N0dsA44pA;l"ʠEinݢФZd{Q]ݏ=xt 85n!_RО/I&ˍ N˜ ikۗ~7iؽ.hJ:Y@& {1VB~},[ 3vؐ苠pX<Z{6䞓ӐjL2NKX kK?;I$ O2f[g.N⩇)ƣ qy~4*,ּPjȾRO(ٮIqraop.<ޛ{+rʄ]'?[ kkUhҸ 2thHݕ&OףxPk=|+Y[9!$ V噭_2U#:7 C/F:,0hƊx71R^3@0VVh:ƈ1 S,|>EL[;vrsബd;KѻfXdex;rZ^ҙJ]0CGWLYR{RM?`76papn|e#9(f ݒL < &] wB H,")bX..֩ _Epg?\&!1u7 7-yո&1cꘆטq%owN4?3sXuGl RVdfJE1Jh?1yEhQrnrVO\66 -K(ڃ& !!]9w8$5`fd(u؅ykIPvf- /+%1i_z#ڙWaGʌv 3<4"N( `X` ivnQ<đ=wGyEG ]QC"NbgnvgjkjLNC ^1\4k۾v+vpHx\ ,p=wL QvD`4W-[yPPD;oCkBIE<_p)q3Ɵ RX4l+aTQ%㧭-k v@]0=g'SAYoX )gqgQ{֐)M7jM>Z-Ieh =䉮ݍU"ZU3&=(xS)|=6"tPf/' CcWG=5~45D5'KvpFVa5mkׁ^lDS*{-ѥTۼ$(>KN?(~IBI7RW"s²-풫@́]IL4v:+vM<?<]`L*JKyH|CeGGmxQ#^]y}V]`*28{Lb4!frdS儱RZǽ~NBU$߁ AvP|ާ/cT/"ǒ,:&mm^( TS, Z~H`B bGd.ȿ$ c zv2B* @\Ovlm0.Y6ZrS)Ui.M}ٸaݩ<^{\ ºfgW% ~!l텅t]K :~)[n** ϻӸh>C|6ѣXVa, tҌw4 2gl][Uj4l뇴a82j`rU,E\oXB WMh,'k4 9jb,%N36`K%﷡N  : '(DW+8 ݄OF@c:m0 E]q yB ̣Vd̼,t ӵQ'5?"eAd_&@%C{v[u<9SαXYӬw`)buά_-B48?oΟ ]-WAY14XQ̹uSZ6I&wWbBB9h2pmqUAꨶx:F;ub@w=Dd$\YGϭ9~-N\HSX h']dQVƼfuJP?? qQXs1: Tז{]oLNa-v #s0X+aBp?q13Za| MF ;0r(@Ŕo  2ͷ;g?m&SÅ [1y})VkPX*D©=5{j$?ϑ$v;gw'IH<=حpm= =I"K􌓪=A9~Vd\ٜulEI'>ϥ WMZn?LX'r!#޹}(%w1LVlhdH`RE/I~4!_0Lg+!#"InJp]1U<$'? c 3 Y L>MxF12SBE#PhQ$I 3diL 9p]4"_Sÿ'(Z鏫7e8b\ѣDɀYŒv;S V7Na3=Rx(!Z2{/^m4aQy/т$1椰 ٬_&(͙>|VM|j7wOz,vR2Ԋv??mU0OꄁPdz!FzTfQ+# Zh^k^ pq8?Ы[-[հPX!~`:.9~<ҍv jnZ|P/IJnyt7dDg}?!#!xrz D,}>ɨSZTJ~ (έ=)9K)n"ާT_6VTB8ү Q8 ÿW.˝~.]Yѯ]VmuԔYuF}^:_.Tmo( Å9T:8U@n#sIViĹq>I6U}HInwpVEK(BL!4Vz8V7/-o.w^Eu6f*l(R]ihtU/&=6bRqjU>wT!p/A, 4_@`ȍ%kvSk&,f<ԣ=uJ,nV+ 5BZ,Qd$Hۅ6ƶ YZ