[Git][security-tracker-team/security-tracker][master] Reserve DLA-3979-1 for lemonldap-ng
Guilhem Moulin (@guilhem)
guilhem at debian.org
Sat Nov 30 18:40:16 GMT 2024
Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits:
df86958e by Guilhem Moulin at 2024-11-30T19:39:58+01:00
Reserve DLA-3979-1 for lemonldap-ng
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -15554,7 +15554,6 @@ CVE-2024-48941 (The Syracom Secure Login (2FA) plugin for Jira, Confluence, and
CVE-2024-48933 (A cross-site scripting (XSS) vulnerability in LemonLDAP::NG before 2.1 ...)
- lemonldap-ng 2.20.0+ds-1 (bug #1084979)
[bookworm] - lemonldap-ng 2.16.1+ds-deb12u3
- [bullseye] - lemonldap-ng <postponed> (Minor issue; can be fixed in next update)
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3232
NOTE: Fixed by: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/288a5061d42d7e6a5a2932a4d3914dca100f9c25 (v.20.0)
NOTE: Fixed by: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/2bacbb4aa76a3f58f0156d453d1745d40d490ca8 (v2.20.0)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Nov 2024] DLA-3979-1 lemonldap-ng - security update
+ {CVE-2024-48933 CVE-2024-52946 CVE-2024-52947}
+ [bullseye] - lemonldap-ng 2.0.11+ds-4+deb11u6
[30 Nov 2024] DLA-3978-1 editorconfig-core - security update
{CVE-2023-0341 CVE-2024-53849}
[bullseye] - editorconfig-core 0.12.1-1.1+deb11u1
=====================================
data/dla-needed.txt
=====================================
@@ -110,11 +110,6 @@ jetty9 (Markus Koschany)
knot-resolver
NOTE: 20240924: Added by Front-Desk (lamby)
--
-lemonldap-ng (guilhem)
- NOTE: 20241119: Added by Front-Desk (Beuc)
- NOTE: 20241119: Follow fixes from bookworm 12.8 (CVE-2024-48933) and
- NOTE: 20241119: upcoming PU fixes (2 CVEs) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087200 (Beuc/front-desk)
---
libsoup2.4 (Adrian Bunk)
NOTE: 20241121: Added by Front-Desk (Beuc)
NOTE: 20241121: Fix in unstable first, following libsoup3.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df86958e7a493b206763c763d88f6e24fd58f896
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df86958e7a493b206763c763d88f6e24fd58f896
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241130/544b91c6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list