!30 [sync] PR-27: Update to 2.4.16.11 for fix CVE-2025-31492 and Sync code

From: @openeuler-sync-bot 
Reviewed-by: @wk333 
Signed-off-by: @wk333

mod_auth_openidc.spec

@@ -6,15 +6,15 @@
 %global httpd_pkg_cache_dir /var/cache/httpd/mod_auth_openidc
 
 Name:           mod_auth_openidc
-Version:        2.4.13.2
+Version:        2.4.16.11
 Release:        1
 Summary:        OpenID Connect Relying Party module for Apache 2.x HTTP Server
-License:        ASL 2.0
+License:        Apache-2.0
-URL:            https://github.com/zmartzone/mod_auth_openidc
+URL:            https://github.com/OpenIDC/mod_auth_openidc
-Source0:	https://github.com/zmartzone/mod_auth_openidc/archive/refs/tags/v%{version}.tar.gz
+Source0:        %{url}/releases/download/v%{version}/%{name}-%{version}.tar.gz
 
 BuildRequires:  gcc httpd-devel openssl-devel curl-devel jansson-devel
-BuildRequires:  pcre-devel autoconf automake cjose-devel jq-devel
+BuildRequires:  pcre2-devel autoconf automake cjose-devel jq-devel
 BuildRequires:  libtool
 Requires:       httpd-mmn = %{_httpd_mmn}
 
@@ -60,6 +60,33 @@ install -m 700 -d $RPM_BUILD_ROOT%{httpd_pkg_cache_dir}/{metadata,cache}
 %dir %attr(0700, apache, apache) %{httpd_pkg_cache_dir}/{metadata,cache}
 
 %changelog
+* Wed Apr 09 2025 yaoxin <1024769339@qq.com> - 2.4.16.11-1
+- Update to 2.4.16.11 for fix CVE-2025-31492
+
+* Mon Jan 13 2025 yaoxin <1024769339@qq.com> - 2.4.16.6-1
+- Update to 2.4.16.6:
+  * metadata: fix caching of JWKs from jwks_uri when using the default expiry setting
+  * info: fix requests to the info hook with extend_session=false
+  * cookie: OIDCCookieSameSite default behaviour Lax
+  * cookie: apply OIDCCookieSameSite Off/None properly to state cookies instead of always setting Lax
+  * cache: avoid segfault and improve error reporting in case apr_temp_dir_get fails when a temp directory
+    cannot be found on the system upon initaliizing cache mutexes and the file cache
+  * metadata: allow plain HTTP URLs in metadata elements jwks_uri and signed_jwks_uri to ensure backwards
+    compatibility with <=2.4.15.7 and to support private/test deployments
+  * code: address warnings from static code analysis tool CodeChecker
+
+* Sat Feb 17 2024 yaoxin <yao_xin001@hoperun.com> - 2.4.15.3-1
+- Upgrade to 2.4.15.3 for fix CVE-2024-24814
+
+* Wed Jan 17 2024 yaoxin <yao_xin001@hoperun.com> - 2.4.15-2
+- Port pcre dependency to pcre2
+
+* Tue Jan 16 2024 zhangxingrong <zhangxingrong@uniontech.com> - 2.4.15-1
+- upgrade to 2.4.15
+
+* Tue Oct 24 2023 liyanan <liyanan61@h-parners.com> - 2.4.14.3-1
+- Update to 2.4.14.3
+
 * Wed Apr 12 2023 yaoxin <yao_xin001@hoperun.com> - 2.4.13.2-1
 - Update to 2.4.13.2 to fix CVE-2023-28625
 

mod_auth_openidc.yaml

@@ -1,4 +1,4 @@
 version_control: github
-src_repo: zmartzone/mod_auth_openidc
+src_repo: OpenIDC/mod_auth_openidc
-tag_prefix: ^
+tag_prefix: ^v
 seperator: .