TEMP-0000000-5C6A59

NameTEMP-0000000-5C6A59
Descriptionsession id exposed in portal AJAX responses
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
lemonldap-ng (PTS)bullseye2.0.11+ds-4+deb11u5vulnerable
bullseye (security)2.0.11+ds-4+deb11u8fixed
bookworm2.16.1+ds-deb12u8fixed
bookworm (security)2.16.1+ds-deb12u6vulnerable
trixie2.21.2+ds-1+deb13u2fixed
forky, sid2.23.0+ds-4fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
lemonldap-ngsourcebullseye2.0.11+ds-4+deb11u8
lemonldap-ngsourcebookworm2.16.1+ds-deb12u7
lemonldap-ngsourcetrixie2.21.2+ds-1+deb13u1
lemonldap-ngsource(unstable)2.21.3+ds-1

Notes

https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3446
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/a091e9b3f81fd33da1da8479e7ac442633db49c5 (v2.21.3)
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3472
https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/8a084a9b09c5aa24c557b4ae1161a84df92048e4 (v2.16.7)
Search for package or bug name: Reporting problems