UbuntuUpdates.org

Package "openldap"

Name: openldap

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • OpenLDAP utilities
  • OpenLDAP libraries
  • OpenLDAP common files for libraries
  • OpenLDAP development libraries

Latest version: 2.4.45+dfsg-1ubuntu1.11
Release: bionic (18.04)
Level: security
Repository: main

Links



Other versions of "openldap" in Bionic

Repository Area Version
base main 2.4.45+dfsg-1ubuntu1
base universe 2.4.45+dfsg-1ubuntu1
security universe 2.4.45+dfsg-1ubuntu1.11
updates main 2.4.45+dfsg-1ubuntu1.11
updates universe 2.4.45+dfsg-1ubuntu1.11

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.4.45+dfsg-1ubuntu1.5 2020-05-06 17:08:40 UTC

  openldap (2.4.45+dfsg-1ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: denial of service via nested search filters
    - debian/patches/CVE-2020-12243.patch: limit depth of nested filters in
      servers/slapd/filter.c.
    - CVE-2020-12243

 -- Marc Deslauriers <email address hidden> Fri, 01 May 2020 13:11:02 -0400

Source diff to previous version
CVE-2020-12243 In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).

Version: 2.4.45+dfsg-1ubuntu1.3 2019-07-30 18:07:22 UTC

  openldap (2.4.45+dfsg-1ubuntu1.3) bionic-security; urgency=medium

  * SECURITY UPDATE: rootDN proxyauthz not restricted to its own databases
    - debian/patches/CVE-2019-13057-1.patch: add restriction to
      servers/slapd/saslauthz.c.
    - debian/patches/CVE-2019-13057-2.patch: add tests to
      tests/data/idassert.out, tests/data/slapd-idassert.conf,
      tests/data/test-idassert1.ldif, tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-3.patch: fix typo in
      tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-4.patch: fix typo in
      tests/scripts/test028-idassert.
    - CVE-2019-13057
  * SECURITY UPDATE: SASL SSF not initialized per connection
    - debian/patches/CVE-2019-13565.patch: zero out sasl_ssf in
      connection_init in servers/slapd/connection.c.
    - CVE-2019-13565

 -- Marc Deslauriers <email address hidden> Fri, 26 Jul 2019 13:27:16 -0400

CVE-2019-13057 An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certa
CVE-2019-13565 An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers



About   -   Send Feedback to @ubuntu_updates