Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dce35243 by Utkarsh Gupta at 2020-08-26T02:21:22+05:30
Revert "Mark CVE-2019-15941/lemonldap-ng as not-affected for stretch"
This reverts commit 93539d92d142b0ab915626b04a635d5da88163bc.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -68978,7 +68978,7 @@ CVE-2019-15942 (FFmpeg through 4.2 has a "Conditional
jump or move depends on un
CVE-2019-15941 (OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may
allow an ...)
{DSA-4533-1}
- lemonldap-ng 2.0.6+ds-1
- [stretch] - lemonldap-ng <not-affected> (Vulnerable code introduced
later)
+ [stretch] - lemonldap-ng <ignored> (Restrictions on OIDC federation
added in 2.0)
[jessie] - lemonldap-ng <not-affected> (Vulnerable code introduced
later)
NOTE: Vulnerability exists pre-2.0 versions, but as restrictions on
OIDC federation
NOTE: were added only in 2.0 the vulnerability has no effect. The
vulnerability
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dce35243785d2d48d1593af19060e461f0afb668
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dce35243785d2d48d1593af19060e461f0afb668
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
