Nixpkgs security tracker
Activity log
- Created suggestion
It was found that various OpenID Providers (OPs) had TLS …
It was found that various OpenID Providers (OPs) had TLS Server Certificates that used weak keys, as a result of the Debian Predictable Random Number Generator (CVE-2008-0166). In combination with the DNS Cache Poisoning issue (CVE-2008-1447) and the fact that almost all SSL/TLS implementations do not consult CRLs (currently an untracked issue), this means that it is impossible to rely on these OPs.
References
-
http://lists.openid.net/pipermail/openid-security/2008-August/000942.html x_transferredx_refsource_MISC
-
Affected products
- ==unknown
Matching in nixpkgs
pkgs.perlPackages.NetOpenIDCommon
Libraries shared between Net::OpenID::Consumer and Net::OpenID::Server
pkgs.luaPackages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.perl5Packages.NetOpenIDCommon
Libraries shared between Net::OpenID::Consumer and Net::OpenID::Server
pkgs.perlPackages.NetOpenIDConsumer
Library for consumers of OpenID identities
pkgs.python312Packages.flask-openid
OpenID support for Flask
pkgs.python313Packages.flask-openid
OpenID support for Flask
pkgs.python314Packages.flask-openid
OpenID support for Flask
pkgs.lua51Packages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.lua52Packages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.lua53Packages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.lua54Packages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.lua55Packages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.perl538Packages.NetOpenIDCommon
Libraries shared between Net::OpenID::Consumer and Net::OpenID::Server
pkgs.perl540Packages.NetOpenIDCommon
Libraries shared between Net::OpenID::Consumer and Net::OpenID::Server
pkgs.perl5Packages.NetOpenIDConsumer
Library for consumers of OpenID identities
pkgs.luajitPackages.lua-resty-openidc
A library for NGINX implementing the OpenID Connect Relying Party (RP) and the OAuth 2.0 Resource Server (RS) functionality
pkgs.python312Packages.openidc-client
CLI python OpenID Connect client with token caching and management
pkgs.python312Packages.python3-openid
OpenID support for modern servers and consumers
-
nixos-25.11 python3-openid-3.2.0
- nixos-25.11-small python3-openid-3.2.0
- nixpkgs-25.11-darwin python3-openid-3.2.0
pkgs.python313Packages.openidc-client
CLI python OpenID Connect client with token caching and management
pkgs.python313Packages.python3-openid
OpenID support for modern servers and consumers
-
nixos-unstable python3-openid-3.2.0
- nixpkgs-unstable python3-openid-3.2.0
- nixos-unstable-small python3-openid-3.2.0
-
nixos-25.11 python3-openid-3.2.0
- nixos-25.11-small python3-openid-3.2.0
- nixpkgs-25.11-darwin python3-openid-3.2.0
pkgs.python314Packages.openidc-client
CLI python OpenID Connect client with token caching and management
pkgs.python314Packages.python3-openid
OpenID support for modern servers and consumers
-
nixos-unstable python3-openid-3.2.0
- nixpkgs-unstable python3-openid-3.2.0
- nixos-unstable-small python3-openid-3.2.0
pkgs.perl538Packages.NetOpenIDConsumer
Library for consumers of OpenID identities
pkgs.perl540Packages.NetOpenIDConsumer
Library for consumers of OpenID identities
Package maintainers
-
@disassembler Samuel Leathers <disasm@gmail.com>