Ubuntu
lemonldap-ng package

lemonldap-ng 2.0.11+ds-4 source package in Ubuntu

Changelog

lemonldap-ng (2.0.11+ds-4) unstable; urgency=high

  * Import security fixes from 2.0.12
    * Session cache corruption can lead to authorization bypass or spoofing
      (Closes: CVE-2021-35472)
    * OAuth2 handler does not verify access token validity
      (Closes: CVE-2021-35473)
    * Fix XSS on register form
    * Don't display TOTP secret to connected user, neither in logs

 -- Yadd <email address hidden>  Thu, 22 Jul 2021 22:13:38 +0200

Upload details

Uploaded by:
Debian Perl Group
Uploaded to:
Sid
Original maintainer:
Debian Perl Group
Architectures:
all
Section:
perl
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Impish: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
lemonldap-ng_2.0.11+ds-4.dsc 4.7 KiB 8a9f84f22fa6e9f635d9d32e325aa1d58d8ee9acc2129a17428311e5c8bd4a16
lemonldap-ng_2.0.11+ds.orig.tar.xz 7.9 MiB 26b6b3330c78efdbaa4240175506eed5ac5f510349433ac280fbb730e8e7006d
lemonldap-ng_2.0.11+ds-4.debian.tar.xz 47.3 KiB 64b03108dcb028c415925872ec8f1c1ec2e326c037d92588da89c4a81b54b527

Available diffs

No changes file available.

Binary packages built by this source

lemonldap-ng: OpenID-Connect, CAS and SAML compatible Web-SSO system

 Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
 or directly on application webservers. It can be used in conjunction with
 OpenID-Connect, CAS and SAML systems as identity or service provider. It can
 also be used as proxy between those federation systems.
 .
 It manages both authentication and authorization and provides headers for
 accounting. So you can have a full AAA protection. Authorizations are built by
 associating a regular expression and a rule. Regular expression is applied on
 the requested URL and the rule calculates if the user is authorized.
 .
 This package is a metapackage that install handler, manager and portal.

lemonldap-ng-doc: Lemonldap::NG Web-SSO system documentation

 Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
 or directly on application webservers. It can be used in conjunction with
 OpenID-Connect, CAS and SAML systems as identity or service provider. It can
 also be used as proxy between those federation systems.
 .
 It manages both authentication and authorization and provides headers for
 accounting. So you can have a full AAA protection. Authorizations are built by
 associating a regular expression and a rule. Regular expression is applied on
 the requested URL and the rule calculates if the user is authorized.
 .
 This package contains html documentation.

lemonldap-ng-fastcgi-server: No summary available for lemonldap-ng-fastcgi-server in ubuntu impish.

No description available for lemonldap-ng-fastcgi-server in ubuntu impish.

lemonldap-ng-handler: Lemonldap::NG handler part

 Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
 or directly on application webservers. It can be used in conjunction with
 OpenID-Connect, CAS and SAML systems as identity or service provider. It can
 also be used as proxy between those federation systems.
 .
 It manages both authentication and authorization and provides headers for
 accounting. So you can have a full AAA protection. Authorizations are built by
 associating a regular expression and a rule. Regular expression is applied on
 the requested URL and the rule calculates if the user is authorized.
 .
 This package provides configuration files for Apache and Nginx used to protect
 web areas.

lemonldap-ng-uwsgi-app: No summary available for lemonldap-ng-uwsgi-app in ubuntu impish.

No description available for lemonldap-ng-uwsgi-app in ubuntu impish.

liblemonldap-ng-common-perl: No summary available for liblemonldap-ng-common-perl in ubuntu impish.

No description available for liblemonldap-ng-common-perl in ubuntu impish.

liblemonldap-ng-handler-perl: No summary available for liblemonldap-ng-handler-perl in ubuntu impish.

No description available for liblemonldap-ng-handler-perl in ubuntu impish.

liblemonldap-ng-manager-perl: Lemonldap::NG manager part

 Lemonldap::NG is a complete Web-SSO system that can run with reverse-proxies
 or directly on application webservers. It can be used in conjunction with
 OpenID-Connect, CAS and SAML systems as identity or service provider. It can
 also be used as proxy between those federation systems.
 .
 It manages both authentication and authorization and provides headers for
 accounting. So you can have a full AAA protection. Authorizations are built by
 associating a regular expression and a rule. Regular expression is applied on
 the requested URL and the rule calculates if the user is authorized.
 .
 Lemonldap::NG::Manager provides the administration interface.

liblemonldap-ng-portal-perl: No summary available for liblemonldap-ng-portal-perl in ubuntu impish.

No description available for liblemonldap-ng-portal-perl in ubuntu impish.