Format: 1.8
Date: Sat, 05 Apr 2025 00:37:32 +0200
Source: ruby-saml
Architecture: source
Version: 1.11.0-1+deb11u2
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintainers@lists.alioth.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Closes: 1100441
Changes:
 ruby-saml (1.11.0-1+deb11u2) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/patches/CVE-2025-25291-and-CVE-2025-25292.patch. Add patch to fix
     CVE-2025-25291 and CVE-2025-25292 (closes: #1100441).
     - Fix an authentication bypass vulnerability.
   * d/patches/CVE-2025-25293-1.patch, d/patches/CVE-2025-25293-2.patch:
     Add patches to fix CVE-2025-25293.
     - Minimize a Zlib deflate decompression bomb.
     - Fix a remote Denial of Service (DoS) caused by compressed SAML
       responses.
Checksums-Sha1:
 55b33832193d49ac90f7fc7aac3163bcf7e90bbf 2114 ruby-saml_1.11.0-1+deb11u2.dsc
 c6226ccc9e9985450e409269d609ce8379ce1fe3 14896 ruby-saml_1.11.0-1+deb11u2.debian.tar.xz
 f3d7baefd594aebf923a837aa45f748c0b9e5c1c 9899 ruby-saml_1.11.0-1+deb11u2_amd64.buildinfo
Checksums-Sha256:
 fa47a88085771279a2ed0a3a22e1e0845c2230d0681ba1944330169d72583846 2114 ruby-saml_1.11.0-1+deb11u2.dsc
 8cef2d99538a4c9d7e2c415aaeae5c47609126f5becd6c457aa3f8b56c22a92f 14896 ruby-saml_1.11.0-1+deb11u2.debian.tar.xz
 5bf8817da8b3fee2659c907041d903986ed3d12650773e520f2f73011165d5ab 9899 ruby-saml_1.11.0-1+deb11u2_amd64.buildinfo
Files:
 8d6cb6d2446516e6a497d31021f1ef15 2114 ruby optional ruby-saml_1.11.0-1+deb11u2.dsc
 0f68aaac27077aa6be8d95bc650086b5 14896 ruby optional ruby-saml_1.11.0-1+deb11u2.debian.tar.xz
 9ec2fe10c788431d72622e161969c9a0 9899 ruby optional ruby-saml_1.11.0-1+deb11u2_amd64.buildinfo