Hi,

On Sat, Nov 09, 2024 at 06:54:39PM +0400, Yadd wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bookworm
> X-Debbugs-Cc: lemonldap...@packages.debian.org, y...@debian.org
> Control: affects -1 + src:lemonldap-ng
> User: release.debian....@packages.debian.org
> Usertags: pu
>
> [ Reason ]
> lemonldap-ng is a Web-SSO. In Bookworm, it is vulnerable to:
> - XSS issue in the "Upgrade" plugin that allows users to upgrade their
>   authentication level in the current session (for example, use an SSL card
>   instead of login/password)
> - Privilege escalation when "Adaptative auth level" is used: users can
>   apply the benefit more than one time using the "refresh-session"
>   mechanism
>
> [ Impact ]
> Medium security issues.
>
> [ Tests ]
> Tests updated, passed
>
> [ Risks ]
> Low risk: patch is trivial
>
> [ Checklist ]
> [X] *all* changes are documented in the d/changelog
> [X] I reviewed all changes and I approve them
> [X] attach debdiff against the package in (old)stable
> [X] the issue is verified as fixed in unstable
>
> [ Changes ]
> - don't apply adaptative rules when session is refreshed
> - apply the "chackXSS" method on "Upgrade" plugin URLs
>
> [ Other info ]
> These 2 issues will have a CVE number soon
FTR/context, those are CVE-2024-52946 and CVE-2024-52947.

Regards,
Salvatore