Package "openldap"
Name: |
openldap
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- Keeps Samba and Kerberos passwords in sync within slapd.
|
Latest version: |
2.4.42+dfsg-2ubuntu3.13 |
Release: |
xenial (16.04) |
Level: |
updates |
Repository: |
universe |
Links
Other versions of "openldap" in Xenial
Packages in group
Deleted packages are displayed in grey.
Changelog
openldap (2.4.42+dfsg-2ubuntu3.13) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via malicious packet
- debian/patches/CVE-2021-27212.patch: fix issuerAndThisUpdateCheck in
servers/slapd/schema_init.c.
- CVE-2021-27212
-- Marc Deslauriers <email address hidden> Thu, 18 Feb 2021 09:23:06 -0500
|
Source diff to previous version |
CVE-2021-27212 |
In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a craft |
|
openldap (2.4.42+dfsg-2ubuntu3.12) xenial-security; urgency=medium
* SECURITY UPDATE: integer underflow in Certificate Exact Assertion
processing
- debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck
in servers/slapd/schema_init.c.
- debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck
in servers/slapd/schema_init.c.
- CVE-2020-36221
* SECURITY UPDATE: assert failure in saslAuthzTo validation
- debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in
servers/slapd/saslauthz.c.
- debian/patches/CVE-2020-36222-2.patch: fix debug msg in
servers/slapd/saslauthz.c.
- CVE-2020-36222
* SECURITY UPDATE: crash in Values Return Filter control handling
- debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in
servers/slapd/controls.c.
- CVE-2020-36223
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN
in servers/slapd/saslauthz.c.
- debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev
commit in servers/slapd/saslauthz.c.
- CVE-2020-36224
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in
servers/slapd/dn.c.
- CVE-2020-36225
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36226.patch: fix slap_parse_user in
servers/slapd/saslauthz.c.
- CVE-2020-36226
* SECURITY UPDATE: infinite loop in cancel_extop Cancel operation
- debian/patches/CVE-2020-36227.patch: fix cancel exop in
servers/slapd/cancel.c.
- CVE-2020-36227
* SECURITY UPDATE: DoS in Certificate List Exact Assertion processing
- debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in
servers/slapd/schema_init.c.
- CVE-2020-36228
* SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring
- debian/patches/CVE-2020-36229.patch: add more checks to
ldap_X509dn2bv in libraries/libldap/tls2.c.
- CVE-2020-36229
* SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element
- debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN
count in libraries/libldap/tls2.c.
- CVE-2020-36230
-- Marc Deslauriers <email address hidden> Tue, 02 Feb 2021 11:51:22 -0500
|
Source diff to previous version |
CVE-2020-36221 |
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in de |
CVE-2020-36222 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of servic |
CVE-2020-36223 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service |
CVE-2020-36224 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial |
CVE-2020-36225 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of servic |
CVE-2020-36226 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in |
CVE-2020-36227 |
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of s |
CVE-2020-36228 |
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting |
CVE-2020-36229 |
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in deni |
CVE-2020-36230 |
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, result |
|
openldap (2.4.42+dfsg-2ubuntu3.11) xenial-security; urgency=medium
* SECURITY UPDATE: assertion failure in Certificate List syntax
validation
- debian/patches/CVE-2020-25709.patch: properly handle error in
servers/slapd/schema_init.c.
- CVE-2020-25709
* SECURITY UPDATE: assertion failure in CSN normalization with invalid
input
- debian/patches/CVE-2020-25710.patch: properly handle error in
servers/slapd/schema_init.c.
- CVE-2020-25710
-- Marc Deslauriers <email address hidden> Mon, 16 Nov 2020 08:41:27 -0500
|
Source diff to previous version |
CVE-2020-25709 |
assertion failure in Certificate List syntax validation |
CVE-2020-25710 |
assertion failure in CSN normalization with invalid input |
|
openldap (2.4.42+dfsg-2ubuntu3.10) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via NULL pointer dereference
- debian/patches/CVE-2020-25692.patch: skip normalization if there's no
equality rule in servers/slapd/modrdn.c.
- CVE-2020-25692
-- Marc Deslauriers <email address hidden> Wed, 04 Nov 2020 09:44:48 -0500
|
Source diff to previous version |
CVE-2020-25692 |
vulnerability with slapd normalization handling with modrdn |
|
openldap (2.4.42+dfsg-2ubuntu3.9) xenial; urgency=medium
[ Andreas Hasenack ]
* d/p/ITS-9171-Insert-callback-in-the-right-place.patch: Import upstream
patch to fix slapd crashing in certain configurations when a client
attempts a login to a locked account. (LP: #1866303)
[ Sergio Durigan Junior]
* d/apparmor-profile: Update apparmor profile to grant access to
the saslauthd socket, so that SASL authentication works. (LP: #1557157)
-- Andreas Hasenack <email address hidden> Wed, 01 Jul 2020 16:33:08 -0300
|
1866303 |
slapd crash with pwdAccountLockedTime and stacked overlays |
1557157 |
apparmor profile denied for saslauthd: /run/saslauthd/mux |
|
About
-
Send Feedback to @ubuntu_updates