File fix-CVE-2021-32792-2.patch of Package apache2-mod_auth_openidc.28532

Overview Repositories Revisions Requests Users Attributes Meta

File fix-CVE-2021-32792-2.patch of Package apache2-mod_auth_openidc.28532

From 00c315cb0c8ab77c67be4a2ac08a71a83ac58751 Mon Sep 17 00:00:00 2001
From: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
Date: Fri, 25 Jun 2021 11:42:57 +0200
Subject: [PATCH] avoid XSS vulnerability when using OIDCPreservePost On

and supplying URLs that contain single quotes; thanks @oss-aimoto

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
---
 ChangeLog              | 4 ++++
 src/mod_auth_openidc.c | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

Index: mod_auth_openidc-2.3.8/src/mod_auth_openidc.c
===================================================================
--- mod_auth_openidc-2.3.8.orig/src/mod_auth_openidc.c
+++ mod_auth_openidc-2.3.8/src/mod_auth_openidc.c
@@ -514,7 +514,7 @@ static int oidc_request_post_preserved_r
 					"          input.type = \"hidden\";\n"
 					"          document.forms[0].appendChild(input);\n"
 					"        }\n"
-					"        document.forms[0].action = '%s';\n"
+					"        document.forms[0].action = \"%s\";\n"
 					"        document.forms[0].submit();\n"
 					"      }\n"
 					"    </script>\n", method, oidc_util_javascript_escape(r->pool, original_url));

Places

File fix-CVE-2021-32792-2.patch of Package apache2-mod_auth_openidc.28532

Places