-------------------------------------------------------------------------
Debian LTS Advisory DLA-4119-1                           [email protected]
https://www.debian.org/lts/security/                                 Yadd
April 08, 2025                                https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : lemonldap-ng
Version        : 2.0.11+ds-4+deb11u7
CVE ID         : CVE-2025-31510

lemonldap-ng is a powerful SSO solution that implements OpenID-Connect,
SAML, CAS, ...

An input validation vulnerability (XSS) has been identified when using
the "Choice" module. It allows HTML code to be injected into the login
page, and if the default Content-Security-Policy headers have been
modified, it may also be possible to inject JavaScript code.

For Debian 11 bullseye, this problem has been fixed in version
2.0.11+ds-4+deb11u7.

We recommend that you upgrade your lemonldap-ng packages.

For the detailed security status of lemonldap-ng please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/lemonldap-ng

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
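
The advisory's caveat about modified Content-Security-Policy headers can be checked on a portal you administer. The following is an added example, not part of the advisory or of LemonLDAP::NG: it takes a Content-Security-Policy header value and reports why injected markup could run script under it. The function names are hypothetical, and the policies used to exercise it are constructed samples, not the package's shipped defaults.

```python
# Added example: would this Content-Security-Policy still stop injected script?
# Function names are hypothetical; feed it the header value your portal sends.

def parse_csp(header):
    """Return {directive: [sources]}; the first occurrence of a directive wins."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() not in policy:
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def inline_script_findings(header):
    """List the reasons injected HTML could execute script under this policy."""
    policy = parse_csp(header)
    # script-src falls back to default-src when it is absent.
    sources = policy.get("script-src", policy.get("default-src"))
    if sources is None:
        return ["no script-src or default-src: scripts are unrestricted"]
    lowered = [s.lower() for s in sources]
    has_nonce_or_hash = any(
        s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-"))
        for s in lowered
    )
    strict_dynamic = "'strict-dynamic'" in lowered
    findings = []
    # Browsers ignore 'unsafe-inline' once a nonce or hash source is present.
    if "'unsafe-inline'" in lowered and not has_nonce_or_hash:
        findings.append("'unsafe-inline' permits inline <script> and event handlers")
    # 'strict-dynamic' makes browsers ignore host and scheme sources.
    if not strict_dynamic:
        for s in lowered:
            if s in ("*", "data:", "http:", "https:"):
                findings.append(f"{s} permits script loaded from arbitrary origins")
    return findings

if __name__ == "__main__":
    # Constructed sample of a loosened policy.
    for reason in inline_script_findings("default-src 'self'; script-src 'self' 'unsafe-inline'"):
        print("WEAK:", reason)
```

An empty result means the script directive still blocks inline and arbitrary-origin script; the HTML injection itself is only removed by upgrading to the fixed package version.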
