[Bug 1829016] Re: CVE-2019-12046: anonymous session allowed when tokens are stored in session DB

2019-06-25 Thread Xavier Guimard
Is there a security team in Ubuntu?

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-12046
** Tags added: community-security

-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1829016

[Bug 1829016] Re: CVE-2019-12046: anonymous session allowed when tokens are stored in session DB

2019-06-04 Thread Xavier Guimard
Hello, bug is easy to fix, at least for 18.04 (just to import Debian package). Is there a problem with this upgrade?

** Description changed:

Hi all, during an internal audit, one of lemonldap-ng's developers discovered an attack vector. It opens 3 security issues:
- - [high] for

[Bug 1829016] Re: CVE-2019-12046: anonymous session allowed when tokens are stored in session DB

2019-05-20 Thread Xavier Guimard
Debian Version 1.3.3-1+deb8u1 (LTS) also fixes this bug for 1.3.x versions

[Bug 1829016] Re: CVE-2019-12046: anonymous session allowed when tokens are stored in session DB

2019-05-15 Thread Steve Beattie
Making public as the issues are public elsewhere.

** Information type changed from Private Security to Public Security
** Changed in: lemonldap-ng (Ubuntu) Status: New => Confirmed
** Changed in: lemonldap-ng (Ubuntu) Importance: Undecided => High