Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e8aafa8f by Salvatore Bonaccorso at 2022-09-11T20:59:32+02:00
Mark CVE-2022-37186/lemonldap-ng as no-dsa
- - - - -
2 changed files:
- data/CVE/list
- data/next-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -8041,6 +8041,7 @@ CVE-2022-37187
CVE-2022-37186 [Session destroyed on portal but still valid on handlers]
RESERVED
- lemonldap-ng 2.0.15+ds-1
+ [bullseye] - lemonldap-ng <no-dsa> (Minor issue; user activity tracking
by handles disabled by default)
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2758
NOTE:
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/59c781b393947663ad3bf26bad0581413dd6fae4
(v2.0.15)
CVE-2022-37185 (SQL injection vulnerability exists in the school information
query int ...)
=====================================
data/next-point-update.txt
=====================================
@@ -20,3 +20,5 @@ CVE-2021-24119
[bullseye] - mbedtls 2.16.12-0+deb11u1
CVE-2021-44732
[bullseye] - mbedtls 2.16.12-0+deb11u1
+CVE-2022-37186
+ [bullseye] - lemonldap-ng 2.0.11+ds-4+deb11u2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8aafa8f3d2147b167d2585dbbc5a4fa8ada356a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8aafa8f3d2147b167d2585dbbc5a4fa8ada356a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
