Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Debian 8: DLA-1844-1 Critical: Lemonldap-ng XML Entity Issue

debian lts
Calendar Grey July 4, 2019
Dist Debian Esm H88
Enhance lemonldap-ng to address the risk presented by XML external entity issues, thereby safeguarding against possible information leakage and denial of service attacks.
It was discovered that there was a XML external entity vulnerability in the lemonldap-ng single-sign on system
Topics%20covered

Topics Covered

security advisory debian doS data disclosure ssrf lemonldap-ng xml entity

Summary

We recommend that you upgrade your lemonldap-ng packages.


Regards,

- --
,'`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-



Severity
critical
Lowest
Low
Medium
High
Critical

Package: lemonldap-ng
Version: 1.3.3-1+deb8u2
CVE ID: CVE-2019-13031
Debian Bug: #931117

Topics%20covered

Topics Covered

security advisory debian doS data disclosure ssrf lemonldap-ng xml entity

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here