[Git][security-tracker-team/security-tracker][master] Reserve DLA-3979-1 for lemonldap-ng

Guilhem Moulin (@guilhem) Sat, 30 Nov 2024 10:40:26 -0800


Guilhem Moulin pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
df86958e by Guilhem Moulin at 2024-11-30T19:39:58+01:00
Reserve DLA-3979-1 for lemonldap-ng

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -15554,7 +15554,6 @@ CVE-2024-48941 (The Syracom Secure Login (2FA) plugin 
for Jira, Confluence, and
 CVE-2024-48933 (A cross-site scripting (XSS) vulnerability in LemonLDAP::NG 
before 2.1 ...)
        - lemonldap-ng 2.20.0+ds-1 (bug #1084979)
        [bookworm] - lemonldap-ng 2.16.1+ds-deb12u3
-       [bullseye] - lemonldap-ng <postponed> (Minor issue; can be fixed in 
next update)
        NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3232
        NOTE: Fixed by: 
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/288a5061d42d7e6a5a2932a4d3914dca100f9c25
 (v.20.0)
        NOTE: Fixed by: 
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/2bacbb4aa76a3f58f0156d453d1745d40d490ca8
 (v2.20.0)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Nov 2024] DLA-3979-1 lemonldap-ng - security update
+       {CVE-2024-48933 CVE-2024-52946 CVE-2024-52947}
+       [bullseye] - lemonldap-ng 2.0.11+ds-4+deb11u6
 [30 Nov 2024] DLA-3978-1 editorconfig-core - security update
        {CVE-2023-0341 CVE-2024-53849}
        [bullseye] - editorconfig-core 0.12.1-1.1+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -110,11 +110,6 @@ jetty9 (Markus Koschany)
 knot-resolver
   NOTE: 20240924: Added by Front-Desk (lamby)
 --
-lemonldap-ng (guilhem)
-  NOTE: 20241119: Added by Front-Desk (Beuc)
-  NOTE: 20241119: Follow fixes from bookworm 12.8 (CVE-2024-48933) and
-  NOTE: 20241119: upcoming PU fixes (2 CVEs) 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087200 (Beuc/front-desk)
---
 libsoup2.4 (Adrian Bunk)
   NOTE: 20241121: Added by Front-Desk (Beuc)
   NOTE: 20241121: Fix in unstable first, following libsoup3.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df86958e7a493b206763c763d88f6e24fd58f896

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df86958e7a493b206763c763d88f6e24fd58f896
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3979-1 for lemonldap-ng

Reply via email to