[ubuntu/noble-security] ledgersmb 1.6.33+ds-2.1ubuntu0.1 (Accepted)
John Breton
john.breton at canonical.com
Thu Jul 17 13:52:10 UTC 2025
ledgersmb (1.6.33+ds-2.1ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: No origin check for HTML fragments
- debian/patches/CVE-2021-3693.patch: Fix regression of errors not
creating pop-ups
- CVE-2021-3693
* SECURITY UPDATE: Missing secure attribute over HTTPS
- debian/patches/CVE-2021-3882.patch: Use HTTPS environment setting
to detect https connections
- CVE-2021-3882
* SECURITY UPDATE: Privilege escalation
- debian/patches/CVE-2024-23831.patch: Fix missing CSRF mitigation
- CVE-2024-23831
Date: 2025-07-15 17:50:35.999042+00:00
Changed-By: John Breton <john.breton at canonical.com>
https://launchpad.net/ubuntu/+source/ledgersmb/1.6.33+ds-2.1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list