Debian Patches
Status for lemonldap-ng/2.21.2+ds-1+deb13u2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| javascript-path.patch | preserve javascript-common path | Xavier Guimard <x.guimard@free.fr> | not-needed | 2018-10-30 | ||
| Avoid-developer-tests.patch | Avoid some heavy developer tests | Xavier Guimard <x.guimard@free.fr> | not-needed | debian | 2016-12-26 | |
| replace-api-doc-by-link.diff | replace api doc by external link api is a compiled webpage (swagger-codegen). Since there is now good Open-API doc generator in Debian archive, this doc is excluded and replaced by a link to upstream website |
Xavier Guimard <yadd@debian.org> | yes | 2020-05-06 | ||
| fix-makefile.patch | fix makefile (shuffle bug) | Yadd <yadd@debian.org> | yes | debian | 2025-05-13 | |
| CVE-2025-59518.patch | fix shell injection from admin interface (notifications | Maxime Besson <maxime.besson@worteks.com> | not-needed | upstream | upstream, commit:228d0194, commit:8b5ce4de | 2025-10-17 |
| dont-expose-session-id-in-ajax-responses.patch | don't expose session id into Ajax responses | Yadd <yadd@debian.org> | not-needed | upstream | upstream, https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/778 | 2025-09-12 |
| fix-google-auth.patch | fix Google OIDC authentication | Maxime Besson <maxime.besson@worteks.com | not-needed | upstream | upstream, https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/merge_requests/777 | 2025-09-12 |
| 3478-fix-oidc-alg.patch | fix typo that breaks alg Sadly the test OP was named "op" | Yadd <yadd@debian.org> | not-needed | upstream | 2026-05-01 | |
| really-hide-password-in-session-explorer.patch | really hide passwords from session explorer | Yadd <yadd@debian.org> | not-needed | upstream | upstream, commit:d9ba579 | 2026-05-01 |
| fix-oidc-frontchannel.patch | fix typo that broke OIDC front-channel-logout | Yadd <yadd@debian.org> | not-needed | upstream | upstream, commit:c4dde51 | 2026-05-01 |
| workaround-nginx-issue.patch | workaround Nginx issue This patch is a supplementary security for the Nginx issue fixed in Nginx 1.26.3-3+deb13u4 . This avoids using the unsecure $http_host variable. |
Yadd <yadd@debian.org> | not-needed | upstream | upstream, commit:b82e1abd | 2026-05-01 |
All known versions for source package 'lemonldap-ng'
- 2.23.0+ds-3 (sid)
- 2.22.3+ds-1 (forky)
- 2.22.3+ds-1~bpo13+1 (trixie-backports)
- 2.21.3+ds-1~bpo12+1 (bookworm-backports)
- 2.21.2+ds-1+deb13u2 (trixie)
- 2.16.1+ds-deb12u8 (bookworm)
- 2.16.1+ds-deb12u6 (bookworm-security)