Bug#1010531: bullseye-pu: package ldap-account-manager/7.4-1

To: Roland Gruber <post@rolandgruber.de>, 1010531@bugs.debian.org
Subject: Bug#1010531: bullseye-pu: package ldap-account-manager/7.4-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 28 May 2022 20:11:14 +0100
Message-id: <[🔎] 514f6a76fa1d541a0dd09381a083722c36c524bf.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1010531@bugs.debian.org
In-reply-to: <[🔎] 165160191720.28896.12319515083943920719.reportbug@lappi>
References: <[🔎] 165160191720.28896.12319515083943920719.reportbug@lappi> <[🔎] 165160191720.28896.12319515083943920719.reportbug@lappi>

Control: tags -1 + confirmed

On Tue, 2022-05-03 at 20:18 +0200, Roland Gruber wrote:
> Package: release.debian.org
> Severity: important
> 

p-u requests are always "normal" severity. (Fixed earlier.)

[...]
> Stored XSS and arbitrary image read vulnerability.
> See 
> https://github.com/LDAPAccountManager/lam/security/advisories/GHSA-f2fr-cccr-583v
> 

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1010531: bullseye-pu: package ldap-account-manager/7.4-1
  - From: Roland Gruber <post@rolandgruber.de>

Prev by Date: Bug#1010439: bullseye-pu: package node-sqlite3/5.0.0+ds1-1+deb11u1
Next by Date: Processed: Re: Bug#1010857: bullseye-pu: package unrar-nonfree/1:6.0.3-1+deb11u1
Previous by thread: Bug#1010531: Acknowledgement (bullseye-pu: package ldap-account-manager/7.4-1)
Next by thread: Processed: Re: Bug#1010531: bullseye-pu: package ldap-account-manager/7.4-1
Index(es):
- Date
- Thread