Control: tags -1 + confirmed On Wed, 2023-03-29 at 16:26 +0400, Yadd wrote: > lemonldap-ng is vulnarable to a second factor bypass when used with > an > "AuthBasic handler" (generally used for non-browser apps). > [...] > I didn't pushed yet the already accepted patch for deb11u3 > (#1030598). > Maybe we could join and push directly deb11u4 into Bullseye. >
Apparently you also merged the bug reports, thus removing the indication that the previous update had already been approved. In future, please don't do that, it makes the tracking a little more confusing. Please go ahead. Regards, Adam
