Debian 10480

Debian GNU/Linux has been updated with security patches, including SimpleSAMLphp for Debian 10 ELTS and Dropbear and OpenAFS for Debian 11 LTS:

ELA-1422-1 simplesamlphp security update
[DLA 4169-1] dropbear security update
[DLA 4168-1] openafs security update




ELA-1422-1 simplesamlphp security update


Package : simplesamlphp

Version : 1.16.3-1+deb10u4 (buster)

Related CVEs :
CVE-2020-5225
CVE-2025-27773

Multiple vulnerabilities have been discovered in SimpleSAMLphp, a framework for
authentication, primarily via the SAML protocol.

CVE-2020-5225
Log injection in SimpleSAMLphp before version 1.18.4. The www/errorreport.php script, which receives error reports and sends them by email to the system administrator, did not properly sanitize the report identifier obtained from the request. When configured to use the file logging handler, SimpleSAMLphp writes each log entry by appending a line to a given file. Because the reportID parameter received by www/errorreport.php was not sanitized, newline characters could be injected into it, which under specific circumstances allowed a malicious user to append new log lines with arbitrary content by crafting the report ID.
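The mechanism described above, as an added example that is not SimpleSAMLphp's own code: a minimal file-style logger that appends one line per event, the vulnerable path that writes a request-supplied report ID verbatim, and the hardened path that allow-lists the identifier and escapes CR/LF in everything else. The log line layout and the assumption that report IDs are 8 lowercase hex characters are illustrative, not taken from the advisory.

```python
"""Log-injection model for CVE-2020-5225 (added example, not SimpleSAMLphp code).

SimpleSAMLphp's file logging handler appends one line per event. A
request-supplied value such as the error-report ID that reaches the log
unsanitised can carry CR/LF, which ends the current line and turns the rest
of the value into a new, attacker-authored entry. Assumptions for
illustration: the "<level> [<tracker>] <message>" layout below, and report
IDs being 8 lowercase hex characters.
"""
import io
import re

REPORT_ID_RE = re.compile(r"[0-9a-f]{8}")  # assumed report-ID format


def write_unsafe(log, level, tracker, message):
    """Vulnerable handler: the message is appended verbatim, CR/LF included."""
    log.write("%s [%s] %s\n" % (level, tracker, message))


def sanitize_for_log(value):
    """Escape line terminators so one event always occupies exactly one line."""
    return value.replace("\r", "\\r").replace("\n", "\\n")


def write_safe(log, level, tracker, message):
    """Hardened handler: every message is escaped before it reaches the file."""
    log.write("%s [%s] %s\n" % (level, tracker, sanitize_for_log(message)))


def submit_report_unsafe(report_id, email):
    """Models www/errorreport.php before the fix: reportId is logged as received.

    Returns the resulting log text."""
    log = io.StringIO()
    write_unsafe(log, "INFO", "deadbeef",
                 "Error report submitted, id [%s], email [%s]" % (report_id, email))
    return log.getvalue()


def submit_report_safe(report_id, email):
    """Fixed handling: allow-list the identifier, escape everything else.

    Returns (accepted, log_text)."""
    log = io.StringIO()
    if not REPORT_ID_RE.fullmatch(report_id):
        # The rejected value is still logged, but escaped, so it cannot forge a line.
        write_safe(log, "WARNING", "deadbeef",
                   "Rejected error report with malformed id [%s]" % report_id)
        return False, log.getvalue()
    write_safe(log, "INFO", "deadbeef",
               "Error report submitted, id [%s], email [%s]" % (report_id, email))
    return True, log.getvalue()


if __name__ == "__main__":
    # Constructed payload: a valid-looking ID followed by a newline and a forged entry.
    forged = "a1b2c3d4\nERR [0badc0de] Authentication failed for user admin"
    print(submit_report_unsafe(forged, "x@example.org"))  # two lines; the second looks genuine
    print(submit_report_safe(forged, "x@example.org")[1])  # one line, escaped and rejected
```

The point the unsafe output makes is that once the forged line is on disk it is indistinguishable from a real one, so the only reliable control is at write time: validate identifiers against a strict allow-list and escape line terminators in any free text before it is appended.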

CVE-2025-27773
The SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. Prior to versions 4.17.0 and 5.0.0-alpha.20, there is a signature confusion attack in the HTTPRedirect binding: an attacker holding any signed SAMLResponse delivered via the HTTP-Redirect binding can cause the application to accept an unsigned message. Versions 4.17.0 and 5.0.0-alpha.20 contain a fix for the issue.





[SECURITY] [DLA 4169-1] dropbear security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4169-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Guilhem Moulin
May 17, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : dropbear
Version : 2020.81-3+deb11u3
CVE ID : CVE-2025-47203

Marcin Nowak discovered that dbclient(1) hostname arguments containing a comma
(the multihop syntax) are passed to the shell, which could result in arbitrary
shell commands being run locally. This can be a security issue where
dbclient(1) is invoked with untrusted hostname arguments.
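The bug class described above, as an added example that is not dropbear's code: a model of a multihop client that spawns a nested client towards the next hop, once by interpolating hostnames into a string handed to /bin/sh (the vulnerable pattern) and once by building argv and executing without a shell (the fixed pattern), plus an allow-list check for callers that must hand a target to an unpatched dbclient. A harmless printf stands in for the nested dbclient so it runs offline; the "-B host:port" argument layout is an assumption for illustration.

```python
"""Model of the bug class behind CVE-2025-47203 (added example, not dropbear's code).

dbclient's multihop syntax is "user@hop1,hop2,target": the client connects to
the first hop and starts a nested client there as a proxy towards the next one.
If that nested command line is handed to /bin/sh as a single string, shell
metacharacters in a hostname are expanded. A harmless printf stands in for the
nested dbclient below so the example runs offline; the "-B host:port" argument
layout is an assumption for illustration.
"""
import re
import subprocess

PROXY_CMD = "printf"  # stand-in for the nested dbclient binary


def split_multihop(target):
    """'alice@hop1,hop2,bob@dest' -> ['alice@hop1', 'hop2', 'bob@dest']."""
    return target.split(",")


def unsafe_proxy_command(hop, next_hop):
    """Vulnerable pattern: hostnames interpolated into one string for sh -c."""
    return "%s '%%s\\n' -B %s:22 %s" % (PROXY_CMD, next_hop, hop)


def safe_proxy_argv(hop, next_hop):
    """Fixed pattern: build argv and exec without a shell; hostnames stay literal."""
    return [PROXY_CMD, "%s\n", "-B", "%s:22" % next_hop, hop]


def run_unsafe(hop, next_hop):
    """Runs the interpolated string through /bin/sh, as the vulnerable path does."""
    return subprocess.run(unsafe_proxy_command(hop, next_hop), shell=True,
                          capture_output=True, text=True).stdout


def run_safe(hop, next_hop):
    """Runs argv directly, so "$(...)" in a hostname is never interpreted."""
    return subprocess.run(safe_proxy_argv(hop, next_hop),
                          capture_output=True, text=True).stdout


# Allow-list for targets handed to an unpatched dbclient: optional user@, then
# hostname characters, with commas separating hops. Assumption: the deployment
# never needs any other characters in a target.
_HOP = r"(?:[A-Za-z0-9._-]+@)?[A-Za-z0-9.-]+"
MULTIHOP_RE = re.compile(r"^%s(?:,%s)*$" % (_HOP, _HOP))


def is_safe_multihop_target(target):
    """True only for targets that cannot carry shell metacharacters."""
    return MULTIHOP_RE.match(target) is not None


if __name__ == "__main__":
    hops = split_multihop("hop1,$(echo INJECTED)")  # constructed hostile target
    print("unsafe:", repr(run_unsafe(hops[0], hops[1])))  # substitution ran
    print("safe:  ", repr(run_safe(hops[0], hops[1])))    # literal "$(echo INJECTED)"
    print("allowed:", is_safe_multihop_target("alice@hop1,hop2,bob@target"))
```

The allow-list is a stop-gap for wrappers that cannot be upgraded immediately; the actual fix is the argv form, which removes the shell from the path entirely rather than trying to enumerate dangerous characters.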

For Debian 11 bullseye, this problem has been fixed in version
2020.81-3+deb11u3.

We recommend that you upgrade your dropbear packages.

For the detailed security status of dropbear please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/dropbear

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4168-1] openafs security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4168-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
May 17, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : openafs
Version : 1.8.6-5+deb11u1
CVE ID : CVE-2024-10394 CVE-2024-10396 CVE-2024-10397
Debian Bug :

Several vulnerabilities were discovered in OpenAFS, an implementation of
the AFS distributed filesystem, which may result in theft of credentials
in Unix client PAGs (CVE-2024-10394), fileserver crashes and information
leak on StoreACL/FetchACL (CVE-2024-10396) or buffer overflows in XDR
responses resulting in denial of service and potentially code execution
(CVE-2024-10397).

For Debian 11 bullseye, these problems have been fixed in version
1.8.6-5+deb11u1.

We recommend that you upgrade your openafs packages.

For the detailed security status of openafs please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openafs

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS