Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted lemonldap-ng 2.0.11+ds-4+deb11u8 (source) into oldoldstable-security
Date: Thu, 28 May 2026 06:20:14 +0000
Signed by: Abhijith PA <abhijith@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 17 May 2026 18:35:09 +0200
Source: lemonldap-ng
Architecture: source
Version: 2.0.11+ds-4+deb11u8
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintainers@lists.alioth.debian.org>
Changed-By: Xavier Guimard <yadd@debian.org>
Changes:
 lemonldap-ng (2.0.11+ds-4+deb11u8) bullseye-security; urgency=medium
 .
   * Don't expos *_ in safe jail (Closes: CVE-2025-59518)
   * Update doc and default Nginx files to avoid using Nginx $http_host
     variable (known as buggy)
   * Fix CSRF during 2F registration (CVE-2024-52948)
   * Don't expose session-id in ajax responses
Checksums-Sha1:
 2bdf68a4b6abdc0cb36e0c798e00a15f5c46b68f 4828 lemonldap-ng_2.0.11+ds-4+deb11u8.dsc
 546b357949c72804180a52709ff2b5110bdef65c 68724 lemonldap-ng_2.0.11+ds-4+deb11u8.debian.tar.xz
 7da894d44246fa53e41d9934e9c997a64d157f9b 20860 lemonldap-ng_2.0.11+ds-4+deb11u8_amd64.buildinfo
Checksums-Sha256:
 19be4ada384ae04326375c653039610d97f955e0d9d298bf1839948c7efbde0b 4828 lemonldap-ng_2.0.11+ds-4+deb11u8.dsc
 4da3314ca12e6050e67d724732da470153f4bf5f4ac2b56847c31f57ecaa54eb 68724 lemonldap-ng_2.0.11+ds-4+deb11u8.debian.tar.xz
 31b6eaccca1862fdaf978e364e46cf56466f63b0686f73f5148f45a976219e4f 20860 lemonldap-ng_2.0.11+ds-4+deb11u8_amd64.buildinfo
Files:
 81dc268883eac28eef9ba8afdbfbcf0b 4828 perl optional lemonldap-ng_2.0.11+ds-4+deb11u8.dsc
 0c4fc69dfdeec945907160139dc6cd88 68724 perl optional lemonldap-ng_2.0.11+ds-4+deb11u8.debian.tar.xz
 d546e4525f879e59346d105064ad842a 20860 perl optional lemonldap-ng_2.0.11+ds-4+deb11u8_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmoX2+IUHGFiaGlqaXRo
QGRlYmlhbi5vcmcACgkQhj1N8u2cKO/XQg/+POAEIkX1OKzY2kAYqWi/b/HJN1v4
P6FRiUkAq508jXlBqbrAWnryW7fNc+C2vpHFRLYms0m94KtdRdn/w/aRQVM3PYkn
b0SeWriqsal5zyIXjV+cnfGwEA6vthfjvBwtghjrFPTHsG4oGy7NYR5Uv9kksMTr
cgIOLxAbL3hn4lZT2kL4mydlY0IYdXowsFsKpKh0kGPkfds1xkQ4/wRNna+0tlDo
KRb8uvlJTElI8W7jX3jvnmi+ZTkvx3x+9cKPlROzc7JiMaPV32bM9boxNOXHyFhD
43PhpDbuHkrsia63yx+C1HieHOkApXGfp10M4XEREKBctcym55kFQgy+QHhBNMPw
3giTINExButchFK/UFBLvidfDimJ1Aqm9He5syfXvBit3iAfO67nskMeqpRJFFWd
5bUxDRfcCPcA0/Ccbg0q95X7ID5l6nsfk4Nd35WVaeDQy7yJFSVBhB6Rb2CEEfL8
4FHUpAsFFw7joF++GCtc9NNtrLAPouedNu6wZChKFpiIWm41IwdRT1RVd1DocBam
Fm40MzAi4nrBH/bJXMX55hz8Qv+m1AwzBLrjKv/PSIfHU9v7Ww/Qa/QE2knIpmw+
O9zSxUmibX7AmgwRzRenVqa3hhy0yrSLmKe9HJctDIyaqtPXQ8i36BTqMvYqxDWP
2tBgXJh6baDg9JQ=
=0XNT
-----END PGP SIGNATURE-----

News for package lemonldap-ng