2069210 – mod_auth_openidc 2.4.9.4 security update not submitted to F36+

Bug 2069210 - mod_auth_openidc 2.4.9.4 security update not submitted to F36+

Summary: mod_auth_openidc 2.4.9.4 security update not submitted to F36+

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	mod_auth_openidc
Sub Component:
Version:	36
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Tomas Halman
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2022-03-28 13:33 UTC by Fabio Valentini
Modified:	2023-09-15 01:53 UTC (History)
CC List:	5 users (show)
Fixed In Version:	mod_auth_openidc-2.4.9.4-1.fc36
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-05-07 04:14:11 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Fabio Valentini 2022-03-28 13:33:30 UTC

Looks like the 2.4.9.4 security update was built only for Fedora 35, but not any other branch, not even Rawhide:
https://koji.fedoraproject.org/koji/packageinfo?packageID=21309

Please submit this update *at least* to F36 and Rawhide as well. Newer releases having an older version (especially one that does not have the fixes for CVE-2021-39191 from 2.4.9.4) is really bad.

Comment 3 Fedora Update System 2022-03-31 15:27:36 UTC

FEDORA-2022-814ee0c43b has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2022-814ee0c43b

Comment 4 Tomas Halman 2022-03-31 15:29:41 UTC

Rawhide is updated as well

Comment 5 Fedora Update System 2022-04-01 23:23:40 UTC

FEDORA-2022-814ee0c43b has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2022-814ee0c43b`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2022-814ee0c43b

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 6 Fedora Update System 2022-05-07 04:14:11 UTC

FEDORA-2022-814ee0c43b has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 7 Red Hat Bugzilla 2023-09-15 01:53:21 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 365 days

Note You need to log in before you can comment on or make changes to this bug.