It was discovered that mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache HTTP server that implements the OpenID Connect Relying Party functionality, was susceptible to information disclosure in some configurations
https://security-tracker.debian.org/tracker/DSA-5904-1
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5904-1
Continue reading...
