Bug#1033653: bullseye-pu: package lemonldap-ng/2.0.11+ds-4+deb11u
Control: tags -1 + confirmed
On Wed, 2023-03-29 at 16:26 +0400, Yadd wrote:
> lemonldap-ng is vulnarable to a second factor bypass when used with
> an
> "AuthBasic handler" (generally used for non-browser apps).
>
[...]
> I didn't pushed yet the already accepted patch for deb11u3
> (#1030598).
> Maybe we could join and push directly deb11u4 into Bullseye.
>
Apparently you also merged the bug reports, thus removing the
indication that the previous update had already been approved. In
future, please don't do that, it makes the tracking a little more
confusing.
Please go ahead.
Regards,
Adam
Reply to: