Debian Buster: DSA-4533-1 Moderate: Lemonldap-NG OIDC Code Restriction

debian

September 25, 2019

It was discovered that the Lemonldap::NG web SSO system did not restrict OIDC authorization codes to the relying party

Topics Covered

security advisory threat issue authorization lemonldap-ng buster

Summary

It was discovered that the Lemonldap::NG web SSO system did not restrict
OIDC authorization codes to the relying party.

For the stable distribution (buster), this problem has been fixed in
version 2.0.2+ds-7+deb10u2.

We recommend that you upgrade your lemonldap-ng packages.

For the detailed security status of lemonldap-ng please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lemonldap-ng

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Package: lemonldap-ng

CVE ID: CVE-2019-15941

Topics Covered

security advisory threat issue authorization lemonldap-ng buster

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian Buster: DSA-4533-1 Moderate: Lemonldap-NG OIDC Code Restriction

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian Buster: DSA-4533-1 Moderate: Lemonldap-NG OIDC Code Restriction

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!