Release | Version |
---|---|
buster | 2.0.2+ds-7+deb10u7 |
buster (security) | 2.0.2+ds-7+deb10u6 |
bullseye | 2.0.11+ds-4+deb11u2 |
bookworm | 2.0.15.1+ds-1.1 |
sid | 2.0.15.1+ds-1.1 |
Bug | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|
CVE-2022-37186 | vulnerable (no DSA) | fixed | fixed | fixed | Session destroyed on portal but still valid on handlers |
CVE-2020-16093 | vulnerable (no DSA) | fixed | fixed | fixed | In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.5 ... |
Bug | Description |
---|---|
CVE-2021-40874 | An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ... |
CVE-2021-35473 | Access token lifetime is not verified with OAuth2 Handler |
CVE-2021-35472 | An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache ... |
CVE-2020-24660 | An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is ... |
CVE-2019-19791 | Apache access rules and SOAP/REST endpoints issue |
CVE-2019-15941 | OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an ... |
CVE-2019-13031 | LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ... |
CVE-2019-12046 | LemonLDAP::NG -2.0.3 has Incorrect Access Control. ... |
CVE-2012-6426 | LemonLDAP::NG before 1.2.3 does not use the signature-verification cap ... |
DSA / DLA | Description |
---|---|
DSA-4943-1 | lemonldap-ng - security update |
DSA-4762-1 | lemonldap-ng - security update |
DLA-2367-1 | lemonldap-ng - security update |
DSA-4533-1 | lemonldap-ng - security update |
DLA-1844-1 | lemonldap-ng - security update |
DLA-1790-1 | lemonldap-ng - security update |
DSA-4446-1 | lemonldap-ng - security update |