Synopsis: Moderate: mod_auth_openidc security update Advisory ID: SLSA-2019:2112-1 Issue Date: 2019-08-06 CVE Numbers: CVE-2017-6413 CVE-2017-6059 -- Security Fix(es): * mod_auth_openidc: OIDC_CLAIM and OIDCAuthNHeader not skipped in an "AuthType oauth20" configuration (CVE-2017-6413) * mod_auth_openidc: Shows user-supplied content on error pages (CVE-2017-6059) -- SL7 x86_64 mod_auth_openidc-1.8.8-5.el7.x86_64.rpm mod_auth_openidc-debuginfo-1.8.8-5.el7.x86_64.rpm - Scientific Linux Development Team