Source: ldap-account-manager Version: 8.5-1 Severity: important Tags: security X-Debbugs-Cc: Debian PHP PEAR Maintainers <pkg-php-p...@lists.alioth.debian.org>, Debian Security Team <t...@security.debian.org>
Hi, Just noticed via #1057008 and especially [CVE-2023-49316] notes, that ldap-account-manager includes an insane amount of third party package in (but not only) lib/3rdParty/composer. Many of those are already packaged and maintained in Debian. Please consider using (and, if needed, introducing) the proper dependencies. CVE-2023-49316: https://security-tracker.debian.org/tracker/CVE-2023-49316 Regards, taffit
signature.asc
Description: PGP signature