Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted lemonldap-ng 2.0.11+ds-4+deb11u6 (source) into oldstable-security
Date: Sat, 30 Nov 2024 18:10:20 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 30 Nov 2024 15:21:43 +0100
Source: lemonldap-ng
Architecture: source
Version: 2.0.11+ds-4+deb11u6
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1084979
Changes:
 lemonldap-ng (2.0.11+ds-4+deb11u6) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2024-48933: XSS vulnerability in the login page when userControl
     has been set to a non-default value that allows special HTML characters.
     (Closes: #1084979)
   * Fix CVE-2024-52946: Improper check during session refresh which can allow
     an authenticated user to raise their authentication level.
   * Fix CVE-2024-52947: XSS vulnerability in the upgrade session confirmation
     page.
Checksums-Sha1:
 f603d2454be0019719994fd37c1dfd11dc016ed8 4799 lemonldap-ng_2.0.11+ds-4+deb11u6.dsc
 8bdbbb652ff11eb0a73d441aab47fb21325a61e5 8302736 lemonldap-ng_2.0.11+ds.orig.tar.xz
 d6b7aeaba7e4828f19dc578e8fc1af69a7528ece 64216 lemonldap-ng_2.0.11+ds-4+deb11u6.debian.tar.xz
 6ca6044c3acc7c4d603ea97cd48f92c9ad8e3703 20638 lemonldap-ng_2.0.11+ds-4+deb11u6_amd64.buildinfo
Checksums-Sha256:
 db0f075f1ef41eca3db15110b19ad11357e987cd6338f906b705fd71623f9710 4799 lemonldap-ng_2.0.11+ds-4+deb11u6.dsc
 26b6b3330c78efdbaa4240175506eed5ac5f510349433ac280fbb730e8e7006d 8302736 lemonldap-ng_2.0.11+ds.orig.tar.xz
 c438f3230b483e00bf5f9dd39b4498bf7d5b54db80f8c847f9ab046743b43f0b 64216 lemonldap-ng_2.0.11+ds-4+deb11u6.debian.tar.xz
 cd7a46f01498362a5dd8be16349d8c06345de51323375fe5bd0b5e8b2645c6c6 20638 lemonldap-ng_2.0.11+ds-4+deb11u6_amd64.buildinfo
Files:
 2f2504516f5188225a9d43b7b665d5eb 4799 perl optional lemonldap-ng_2.0.11+ds-4+deb11u6.dsc
 0825e9347b409b3814249528c4a356de 8302736 perl optional lemonldap-ng_2.0.11+ds.orig.tar.xz
 cf3fd0cdf0bf6c94c0da72b57d3d16fc 64216 perl optional lemonldap-ng_2.0.11+ds-4+deb11u6.debian.tar.xz
 39fcd050f07477d76cf14b79a8790181 20638 perl optional lemonldap-ng_2.0.11+ds-4+deb11u6_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmdLIBIACgkQ05pJnDwh
pVKZwxAAoAUESBHAdJ6PcZ76Rr3RSXBx5KcszDaMBYT0EWVoGf2bURwnw2cNg/4e
xF31OhRehVFsGtJs0T3ETwvjrCwALbU5PJ11t1KKky07QuE1uwbPhPnqPch13rIO
8cSECreCbG9n5YgZUMHEHJO6QHTPixPgS/VmjWP6lDrYlTHuQpTP2YeAI26IrMga
XoBSQLlhAFNp7KQUgF+2welvRw3Xnwyn/tduBDtBhxiAxlWcZwtr57vHPqrjMt7a
IECaGp1k68pZPXlXy/1OQrq7joeZgCdgqO9cVO+UZ97qRZUvHCQCt58qN3L7bN/M
BpKDSmpPn/9mxcaqBGrAaQOczwoAz3nKh7yEicj0l2mad6x3N2GaUyfM02deHUi3
SNsnkgB8ovHz7eF/5yvIqsL2hyLmTMPT8GpThespJDBuY2Jk4VdGoSkCY2xjgKBQ
ZWWEybuVNOjt8/Z3d+Ee0Yf7UqnHiN2o4KvgTy3/KAqoTlYUK3/x2D6TbuYqRbOx
ixpG1Z6boFf5dYbg8PE6M+IN457pnw4d1q/9wMUDZc883grd5zhYab3099tfgDXH
bnfUVAXUNjSuUUMdmI0DOb1Y+dMbLaLsl1lkoL9pzUN4NPXF+mixb67iVpzuaI+c
zzvNpdn6AA7/kJ9L2Y2WUk2O16R0zugBmQKElExGG5OA3HBSJNQ=
=JdsG
-----END PGP SIGNATURE-----

News for package lemonldap-ng