[Git][security-tracker-team/security-tracker][master] Reserve DLA-4602-1 for lemonldap-ng

Thu, 28 May 2026 01:27:27 -0700 


Abhijith PA pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
220942b0 by Abhijith PA at 2026-05-28T13:56:48+05:30
Reserve DLA-4602-1 for lemonldap-ng

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -117119,7 +117119,6 @@ CVE-2025-59518 (In LemonLDAP::NG before 2.16.7 and 
2.17 through 2.21 before 2.21
        - lemonldap-ng 2.21.3+ds-1
        [trixie] - lemonldap-ng 2.21.2+ds-1+deb13u1
        [bookworm] - lemonldap-ng 2.16.1+ds-deb12u7
-       [bullseye] - lemonldap-ng <postponed> (Minor issue; can be piggybacked 
with future DLA)
        NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3462
        NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3470
        NOTE: 
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/6e86f70be5499d09dfaaff307632be8a10f7e58f
 (v2.21.3)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[28 May 2026] DLA-4602-1 lemonldap-ng - security update
+       {CVE-2024-52948 CVE-2025-59518}
+       [bullseye] - lemonldap-ng 2.0.11+ds-4+deb11u8
 [26 May 2026] DLA-4601-1 memcached - security update
        {CVE-2026-47783 CVE-2026-47784}
        [bullseye] - memcached 1.6.9+dfsg-1+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -284,14 +284,6 @@ krb5 (eamanu)
 ldap-account-manager
   NOTE: 20260418: Added by Front-Desk (rouca)
 --
-lemonldap-ng
-  NOTE: 20250813: Added by Front-Desk (lamby)
-  NOTE: 20250813: CVE-2024-52948 was marked as <postponed>, but fixed in 
bookworm. (lamby)
-  NOTE: 20251009: Backporting CVE-2024-52948 (abhijith)
-  NOTE: 20251028: Still working in CVE-2024-52948 (abhijith)
-  NOTE: 20251229: Asked yadd (maintainer of package) for help (abhijith)
-  NOTE: 20260504: Maintainer prepared fix for CVE-2025-59518 (abhijith)
---
 libcaca
   NOTE: 20260519: Added by Front-Desk (Beuc)
   NOTE: 20260519: Fix unstable first. (Beuc/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/220942b0e85f6c430e27c453449ef6f9304b06f0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/220942b0e85f6c430e27c453449ef6f9304b06f0
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to