Package "ldap-utils"
Name: |
ldap-utils
|
Description: |
OpenLDAP utilities
|
Latest version: |
2.4.42+dfsg-2ubuntu3.13 |
Release: |
xenial (16.04) |
Level: |
security |
Repository: |
main |
Head package: |
openldap |
Homepage: |
http://www.openldap.org/ |
Links
Download "ldap-utils"
Other versions of "ldap-utils" in Xenial
Changelog
openldap (2.4.42+dfsg-2ubuntu3.13) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via malicious packet
- debian/patches/CVE-2021-27212.patch: fix issuerAndThisUpdateCheck in
servers/slapd/schema_init.c.
- CVE-2021-27212
-- Marc Deslauriers <email address hidden> Thu, 18 Feb 2021 09:23:06 -0500
|
Source diff to previous version |
CVE-2021-27212 |
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a craft |
|
openldap (2.4.42+dfsg-2ubuntu3.12) xenial-security; urgency=medium
* SECURITY UPDATE: integer underflow in Certificate Exact Assertion
processing
- debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck
in servers/slapd/schema_init.c.
- debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck
in servers/slapd/schema_init.c.
- CVE-2020-36221
* SECURITY UPDATE: assert failure in saslAuthzTo validation
- debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in
servers/slapd/saslauthz.c.
- debian/patches/CVE-2020-36222-2.patch: fix debug msg in
servers/slapd/saslauthz.c.
- CVE-2020-36222
* SECURITY UPDATE: crash in Values Return Filter control handling
- debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in
servers/slapd/controls.c.
- CVE-2020-36223
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN
in servers/slapd/saslauthz.c.
- debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev
commit in servers/slapd/saslauthz.c.
- CVE-2020-36224
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in
servers/slapd/dn.c.
- CVE-2020-36225
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36226.patch: fix slap_parse_user in
servers/slapd/saslauthz.c.
- CVE-2020-36226
* SECURITY UPDATE: infinite loop in cancel_extop Cancel operation
- debian/patches/CVE-2020-36227.patch: fix cancel exop in
servers/slapd/cancel.c.
- CVE-2020-36227
* SECURITY UPDATE: DoS in Certificate List Exact Assertion processing
- debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in
servers/slapd/schema_init.c.
- CVE-2020-36228
* SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring
- debian/patches/CVE-2020-36229.patch: add more checks to
ldap_X509dn2bv in libraries/libldap/tls2.c.
- CVE-2020-36229
* SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element
- debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN
count in libraries/libldap/tls2.c.
- CVE-2020-36230
-- Marc Deslauriers <email address hidden> Tue, 02 Feb 2021 11:51:22 -0500
|
Source diff to previous version |
CVE-2020-36221 |
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in de |
CVE-2020-36222 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of servic |
CVE-2020-36223 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service |
CVE-2020-36224 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial |
CVE-2020-36225 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of servic |
CVE-2020-36226 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in |
CVE-2020-36227 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of s |
CVE-2020-36228 |
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting |
CVE-2020-36229 |
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in deni |
CVE-2020-36230 |
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, result |
|
openldap (2.4.42+dfsg-2ubuntu3.11) xenial-security; urgency=medium
* SECURITY UPDATE: assertion failure in Certificate List syntax
validation
- debian/patches/CVE-2020-25709.patch: properly handle error in
servers/slapd/schema_init.c.
- CVE-2020-25709
* SECURITY UPDATE: assertion failure in CSN normalization with invalid
input
- debian/patches/CVE-2020-25710.patch: properly handle error in
servers/slapd/schema_init.c.
- CVE-2020-25710
-- Marc Deslauriers <email address hidden> Mon, 16 Nov 2020 08:41:27 -0500
|
Source diff to previous version |
CVE-2020-25709 |
assertion failure in Certificate List syntax validation |
CVE-2020-25710 |
assertion failure in CSN normalization with invalid input |
|
openldap (2.4.42+dfsg-2ubuntu3.10) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via NULL pointer dereference
- debian/patches/CVE-2020-25692.patch: skip normalization if there's no
equality rule in servers/slapd/modrdn.c.
- CVE-2020-25692
-- Marc Deslauriers <email address hidden> Wed, 04 Nov 2020 09:44:48 -0500
|
Source diff to previous version |
CVE-2020-25692 |
vulnerability with slapd normalization handling with modrdn |
|
openldap (2.4.42+dfsg-2ubuntu3.8) xenial-security; urgency=medium
* SECURITY UPDATE: denial of service via nested search filters
- debian/patches/CVE-2020-12243.patch: limit depth of nested filters in
servers/slapd/filter.c.
- CVE-2020-12243
-- Marc Deslauriers <email address hidden> Fri, 01 May 2020 13:11:29 -0400
|
CVE-2020-12243 |
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). |
|
About
-
Send Feedback to @ubuntu_updates