Information on source package lemonldap-ng

Available versions

ReleaseVersion
buster2.0.2+ds-7+deb10u7
buster (security)2.0.2+ds-7+deb10u10
bullseye2.0.11+ds-4+deb11u5
bookworm2.16.1+ds-deb12u2
trixie2.18.2+ds-1
sid2.18.2+ds-1

Resolved issues

BugDescription
CVE-2023-44469A Server-Side Request Forgery issue in the OpenID Connect Issuer in Le ...
CVE-2023-28862An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session I ...
CVE-2022-37186In LemonLDAP::NG before 2.0.15. some sessions are not deleted when the ...
CVE-2021-40874An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ...
CVE-2021-35473Access token lifetime is not verified with OAuth2 Handler
CVE-2021-35472An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache ...
CVE-2020-24660An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is ...
CVE-2020-16093In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.5 ...
CVE-2019-19791In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache H ...
CVE-2019-15941OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an ...
CVE-2019-13031LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...
CVE-2019-12046LemonLDAP::NG -2.0.3 has Incorrect Access Control.
CVE-2012-6426LemonLDAP::NG before 1.2.3 does not use the signature-verification cap ...

Security announcements

DSA / DLADescription
DLA-3612-1lemonldap-ng - security update
DLA-3496-1lemonldap-ng - security update
DLA-3287-1lemonldap-ng - security update
DSA-4943-1lemonldap-ng - security update
DSA-4762-1lemonldap-ng - security update
DLA-2367-1lemonldap-ng - security update
DSA-4533-1lemonldap-ng - security update
DLA-1844-1lemonldap-ng - security update
DLA-1790-1lemonldap-ng - security update
DSA-4446-1lemonldap-ng - security update

Search for package or bug name: Reporting problems