-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4288-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 01, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : ruby-saml Version : 1.11.0-1+deb11u3 CVE ID : CVE-2025-54572 DoS with large SAML responses has been fixed in ruby-saml, a library implementing the client side of SAML authorization for the Ruby interpreter. For Debian 11 bullseye, this problem has been fixed in version 1.11.0-1+deb11u3. We recommend that you upgrade your ruby-saml packages. For the detailed security status of ruby-saml please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ruby-saml Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmi1YosACgkQiNJCh6LY mLEkAw//fjvJyUsK+lv7i6IjNZD4VU6bIxDl8jYxnQ43HtBdRJQyXjpNXn3fnaEv iUxmoY0Cjzru2CKQxJNzjxfC/eVZ8xS5c9Mj4tJsU0caLp6J8d+xt63iwey6JGGK mHq0TTjnb33xQpYxkscpmb+uVHjqDcpzHyt3tpMGT2KBPTYWkMt68XjaBICwJlVb 6+XCeNDALWXi5F9Ml1isViPYrkxAUVgN9u8UeQXOLl7smCHhdn2qsDGj0fv9EdwT VtMM4NyUVL4FLzC1/x16RsEQ/fDOP1xiUxNoQAmeH2txZfEraym3bjd5PQB3moe9 eZYmNMjEMVi2LFENyjufA3GDvxxqLdBXgrd4T+IFMonS9FVrDxr2a/GfJcYBqBRz ASz5MpHs91pNpQr8qN77V1SjoFepbyckypNwOCO8iFsypZIZvbCDQhO/TKM5TdEt FwLm/N8kDy00vOLVBvIhgh9KO6uR1aSksDduGn5vaMvUbRscHyXwqlnToQn4UIfa JC7ew1H8k1MnxQztaOVk3mfHOqLmEN60Z1Ry3M3xw3II7PGytoL7e+XRwo2yz4GJ pl61A3A+NjSXyCW3wwR6mNEcyIRAFgE8TCKZSDr2Bh+McyH0ZwYzamwCjwJetgOZ LQuuGG8QjLn5uRKu55vLtcxHkGf6cuN52IVY+i4983DdSLGMTQY= =mB0o -----END PGP SIGNATURE-----
