Debian Security Advisory 5822-1

Debian Security Advisory 5822-1: Posted Dec 2, 2024; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5822-1 - It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to a XXE vulnerability when loading an (untrusted) XML document.; tags | advisory, protocol; systems | linux, debian; advisories | CVE-2024-52596; SHA-256 | 85431118bd856c7599eb83762fc3fab1d23f7a8af72de6e94d268adceec09d88; Download | Favorite | View

Debian Security Advisory 5822-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5822-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
December 02, 2024                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : simplesamlphp
CVE ID         : CVE-2024-52596

It was discovered that in SimpleSAMLphp, an implementation of the SAML
2.0 protocol, is prone to a XXE vulnerability when loading an
(untrusted) XML document.

For the stable distribution (bookworm), this problem has been fixed in
version 1.19.7-1+deb12u1.

We recommend that you upgrade your simplesamlphp packages.

For the detailed security status of simplesamlphp please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/simplesamlphp

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmdNx7dfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Ramw//R//UPGNKlLuKl+WKnQgmgGaI41VEE+Ny4juiPNpHDfB1xlQLO/QyrALM
tolILT6yeCgYP7nYUj5iEWaEP04iAa8xZyt1dQyCBmHPWrRhGPD0fB2Ne1dC6xuj
jHWFyQ/j26It23Vuogp8I/Kh1EdMYfDP4heSaPQlL6hMrj+tMMCfIZfmrVgFAVSF
VNtWFbmkidySw8rGtNKr5rv8DCPyxGZWGIFNsog4IbQ/9F01eovIdAbVMANKmj0A
nw9BjH9eXK38CPvhUmewT/l7WPcMyhav9yQtE/OxMilIiCTT3BOlO+kdUmdfk0jr
6+Q57mmdQR7CYM4eAjXeDg7akyquhT+L/x0zNZl25bA/E2XMkQwxBnzV5KU3Z8Wj
BXXirbkIjHkwPAKrZCOv75ryYL2WKj5yT6KaLAx7KMqq5OQPFAOAD/3/0llsT9vQ
yTBk0f5MaTjZ4mIRIcsSD5Vu4QgaaZXH1FLlKK6ykcZ2QHGNdGYkRmfP2YdTcK5s
8rReoIUSaclhlz3rKS+lv5WrbOQbcOvtpq+squIFqD0rRGA9r4dN/g0mGu6Uh/fY
7xmkE9Ell5Lkg2LUwsOpsx/AvO1QOPJhxUcqYtko8sC8waC3TAlYOeBycWQk5aFe
DPpgzs7JoZLfZB2hIsjD4QLe/Kavp06JCwIcHDzlnwJ7RaZ/cYE=
=5GGL
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 308 files
Ubuntu 67 files
Debian 24 files
Gentoo 8 files
Google Security Research 7 files
LiquidWorm 6 files
Apple 5 files
Jann Horn 3 files
Spencer McIntyre 3 files
Milad Karimi 3 files

File Archives

Systems

AIX (430)
Apple (2,133)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,177)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (395)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (52,160)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,495)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (10,025)
UNIX (9,482)
UnixWare (188)
Windows (6,786)
Other

Debian Security Advisory 5822-1

Debian Security Advisory 5822-1

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 5822-1

Share This

Debian Security Advisory 5822-1

File Archive:

December 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems