mmuehlenhoff
mmuehlenhoff
Patch looks good to me (and I've also smoketested a build in our test environment)
Agreed on postponing a rework of the tests for now. As for the configure script, the following should so the trick, feel free to squash it into your PR: https://github.com/mmuehlenhoff/mod_auth_cas/commit/196f0e9567935829f9dbad733d19894d803fe0f6
I'd suggest to rather disable/remove support, it's not really relevant (given that GIF and APNG are far more prevalent and natively supported in browsers) and wides the attack surface.
These are now public, pasting them here for reference: https://talosintelligence.com/vulnerability_reports/TALOS-2024-1929 https://talosintelligence.com/vulnerability_reports/TALOS-2024-1928 https://talosintelligence.com/vulnerability_reports/TALOS-2024-1926 https://talosintelligence.com/vulnerability_reports/TALOS-2024-1930 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1879 https://talosintelligence.com/vulnerability_reports/TALOS-2023-1784