-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 15 Sep 2024 17:56:19 +0200 Source: ruby-saml Architecture: source Version: 1.13.0-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 1081560 Changes: ruby-saml (1.13.0-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * SAML authentication bypass via Incorrect XPath selector (CVE-2024-45409) (Closes: #1081560) Checksums-Sha1: 1f039acf18feb07bc25882e42c1d1e0046852e2b 2230 ruby-saml_1.13.0-1+deb12u1.dsc c2ac6adc68060a610e1a4d0c33215f05637161a2 70190 ruby-saml_1.13.0.orig.tar.gz f85c9eb9fa4329f85f1341f2c930e45759a1aab0 10468 ruby-saml_1.13.0-1+deb12u1.debian.tar.xz 9fc9698c4a6ba79d06e6c14674e4fe096609aa9e 7227 ruby-saml_1.13.0-1+deb12u1_source.buildinfo Checksums-Sha256: f99f665258e24d1bfb1478dfba8b7706b4b7664563cec22eaf08da7f31689002 2230 ruby-saml_1.13.0-1+deb12u1.dsc f8a0782481a6fd36a902d2b2001054473226189dbc33dcded27fb483d47bd102 70190 ruby-saml_1.13.0.orig.tar.gz 68d980ea94dc39e612f4749f653a790fa1536d6c224b7c1bb4fb8c02f6529940 10468 ruby-saml_1.13.0-1+deb12u1.debian.tar.xz 2e1bcb2aa9497f9b34cb3083b7cc1fe75a9b9775aaafb0a32a6c4cc686d82102 7227 ruby-saml_1.13.0-1+deb12u1_source.buildinfo Files: d26ef3ff8e26de19d9e5d6560548d0ee 2230 ruby optional ruby-saml_1.13.0-1+deb12u1.dsc f81e8b13bb5fe0833b6b5ee09cb0d224 70190 ruby optional ruby-saml_1.13.0.orig.tar.gz c18068977cce871ee08634bc0cf0ed37 10468 ruby optional ruby-saml_1.13.0-1+deb12u1.debian.tar.xz eee50683702c01d485079679a419f7d4 7227 ruby optional ruby-saml_1.13.0-1+deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmbnBAJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EDkYP/3sLy6A2IfifMBsJdCJarkMjBZRi95Y/ R9R9nm1x+DvFdpULIxRyY5jQ85UpDRFYvsJLpRNcuBuk6Bk9Q5Ki4PuvjCuE5lug 3MpiAWUpmMaB3cCHlNTWMJ+r4sV3J3xVQXT7nV7UHtZl4R6XcU/RkbW/1sEvDQP7 T5riKsAUiElxQxWpXdku84RCuluLU9YgrRFJWPOV5Dw4dhkeJQDZMK3D+NBdClH3 JRn9wsU8MzxxhWv7oEkW41IyYIuOZXeMojFFrZpQBUIlN/KOcjwQA+SpgD2ET4pw pYiGQxgc9WxicOI1wqbNAvdxNfQmPcNwYbaNlN2ShgvMEFydp5NET0KzQWuHQxWQ ZHLTkE0kAu8wWIuPF1tFCUGM9LqigtqeHHH/f2KnS01v/IeEKlPSVaknqnYNiT1r azzNvj5AubR82hp7VOZAvCWP9aRHXbHFnyajqtCIWNd/GS/ul4UfYmX04T6rafpB i8twaGD2CzAtO2cQdkmqIj+lTIz1tsROEZtV0XM9alLH+qUTv96ewpyY9IGzXtkJ y4rzcV37lJvA/aCS1+9DdRVu6E/HWOu1tGO1MpSrbzdoCqzKsx9y7TR0hX0tMf42 nbmJXREhQNHnJcMr5BxAfnN3KU+1tZkK4CpQ/kB1M+g4W79K7R2p9Ftnzsp2GvJE m3Xb3X1GuPEI =pTOD -----END PGP SIGNATURE-----