Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Debian 11 DLA-4115-1 critical: ruby-saml authentication bypass and DoS

debian lts
Calendar Grey April 4, 2025
Dist Debian Esm H88
Important patch for the ruby-saml package resolves security flaws related to authentication bypass and denial of service attacks in Debian version 11.
Multiple vulnerabilities have been detected in ruby-saml, a library for implementing the client side of a SAML authorization

Summary

CVE-2025-25291 and CVE-2025-25292

ruby-saml is susceptible to an authentication bypass vulnerability.

CVE-2025-25293

ruby-saml is susceptible to a Zlib deflate decompression bomb and a
remote Denial of Service (DoS) caused by compressed SAML responses.

For Debian 11 bullseye, these problems have been fixed in version
1.11.0-1+deb11u2.

We recommend that you upgrade your ruby-saml packages.

For the detailed security status of ruby-saml please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/ruby-saml

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
critical
Lowest
Low
Medium
High
Critical

Package: ruby-saml
Version: 1.11.0-1+deb11u2
CVE ID: CVE-2025-25291 CVE-2025-25292 CVE-2025-25293
Debian Bug: 1100441

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here