Update to 2.4.16.11 for fix CVE-2025-31492

(cherry picked from commit 9ed337b87e6ff24f6dbdab1819474704e40aba9a)

mod_auth_openidc.spec

@@ -6,10 +6,10 @@
 %global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc
 
 Name:           mod_auth_openidc
-Version:        2.4.15.3
+Version:        2.4.16.11
 Release:        1
 Summary:        OpenID Connect Relying Party module for Apache 2.x HTTP Server
-License:        ASL 2.0
+License:        Apache-2.0
 URL:            https://github.com/OpenIDC/mod_auth_openidc
 Source0:        %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz
 
@@ -60,6 +60,21 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/{metadata,cache}
 %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/{metadata,cache}
 
 %changelog
+* Wed Apr 09 2025 yaoxin <1024769339@qq.com> - 2.4.16.11-1
+- Update to 2.4.16.11 for fix CVE-2025-31492
+
+* Mon Jan 13 2025 yaoxin <1024769339@qq.com> - 2.4.16.6-1
+- Update to 2.4.16.6:
+  * metadata: fix caching of JWKs from jwks_uri when using the default expiry setting
+  * info: fix requests to the info hook with extend_session=false
+  * cookie: OIDCCookieSameSite default behaviour Lax
+  * cookie: apply OIDCCookieSameSite Off/None properly to state cookies instead of always setting Lax
+  * cache: avoid segfault and improve error reporting in case apr_temp_dir_get fails when a temp directory
+    cannot be found on the system upon initaliizing cache mutexes and the file cache
+  * metadata: allow plain HTTP URLs in metadata elements jwks_uri and signed_jwks_uri to ensure backwards
+    compatibility with <=2.4.15.7 and to support private/test deployments
+  * code: address warnings from static code analysis tool CodeChecker
+
 * Sat Feb 17 2024 yaoxin <yao_xin001@hoperun.com> - 2.4.15.3-1
 - Upgrade to 2.4.15.3 for fix CVE-2024-24814