[SECURITY] [DLA 4288-1] ruby-saml security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4288-1] ruby-saml security update
From: Adrian Bunk <bunk@debian.org>
Date: Mon, 1 Sep 2025 12:08:27 +0300
Message-id: <[🔎] aLViiydRiDypmAmj@localhost>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4288-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
September 01, 2025                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : ruby-saml
Version        : 1.11.0-1+deb11u3
CVE ID         : CVE-2025-54572

DoS with large SAML responses has been fixed in ruby-saml,
a library implementing the client side of SAML authorization
for the Ruby interpreter.

For Debian 11 bullseye, this problem has been fixed in version
1.11.0-1+deb11u3.

We recommend that you upgrade your ruby-saml packages.

For the detailed security status of ruby-saml please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ruby-saml

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmi1YosACgkQiNJCh6LY
mLEkAw//fjvJyUsK+lv7i6IjNZD4VU6bIxDl8jYxnQ43HtBdRJQyXjpNXn3fnaEv
iUxmoY0Cjzru2CKQxJNzjxfC/eVZ8xS5c9Mj4tJsU0caLp6J8d+xt63iwey6JGGK
mHq0TTjnb33xQpYxkscpmb+uVHjqDcpzHyt3tpMGT2KBPTYWkMt68XjaBICwJlVb
6+XCeNDALWXi5F9Ml1isViPYrkxAUVgN9u8UeQXOLl7smCHhdn2qsDGj0fv9EdwT
VtMM4NyUVL4FLzC1/x16RsEQ/fDOP1xiUxNoQAmeH2txZfEraym3bjd5PQB3moe9
eZYmNMjEMVi2LFENyjufA3GDvxxqLdBXgrd4T+IFMonS9FVrDxr2a/GfJcYBqBRz
ASz5MpHs91pNpQr8qN77V1SjoFepbyckypNwOCO8iFsypZIZvbCDQhO/TKM5TdEt
FwLm/N8kDy00vOLVBvIhgh9KO6uR1aSksDduGn5vaMvUbRscHyXwqlnToQn4UIfa
JC7ew1H8k1MnxQztaOVk3mfHOqLmEN60Z1Ry3M3xw3II7PGytoL7e+XRwo2yz4GJ
pl61A3A+NjSXyCW3wwR6mNEcyIRAFgE8TCKZSDr2Bh+McyH0ZwYzamwCjwJetgOZ
LQuuGG8QjLn5uRKu55vLtcxHkGf6cuN52IVY+i4983DdSLGMTQY=
=mB0o
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4079-2] openvpn regression update
Next by Date: [SECURITY] [DLA DLA-4287-1] libsndfile security update
Previous by thread: [SECURITY] [DLA 4079-2] openvpn regression update
Next by thread: [SECURITY] [DLA DLA-4287-1] libsndfile security update
Index(es):
- Date
- Thread