UbuntuUpdates.org

Package "ldb"

Name: ldb

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • LDAP-like embedded database - development files
  • LDAP-like embedded database - shared library
  • LDAP-like embedded database - debug symbols
  • Python bindings for LDB

Latest version: 1:1.1.24-0ubuntu0.14.04.2
Release: trusty (14.04)
Level: security
Repository: main

Links



Other versions of "ldb" in Trusty

Repository Area Version
base main 1:1.1.16-1
base universe 1:1.1.16-1
security universe 1:1.1.24-0ubuntu0.14.04.2
updates universe 1:1.1.24-0ubuntu0.14.04.2
updates main 1:1.1.24-0ubuntu0.14.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:1.1.24-0ubuntu0.14.04.2 2019-02-26 15:07:22 UTC

  ldb (1:1.1.24-0ubuntu0.14.04.2) trusty-security; urgency=medium

  * SECURITY UPDATE: Out of bound read in ldb_wildcard_compare
    - debian/patches/CVE-2019-3824-1.patch: fix length.
    - debian/patches/CVE-2019-3824-2.patch: add extra comments.
    - debian/patches/CVE-2019-3824-3.patch: improve code style.
    - debian/patches/CVE-2019-3824-4.patch: use talloc_zero.
    - debian/patches/CVE-2019-3824-5.patch: check tree operation.
    - debian/patches/CVE-2019-3824-6.patch: fix end of data check.
    - CVE-2019-3824

 -- Marc Deslauriers <email address hidden> Mon, 25 Feb 2019 08:27:10 -0500

Source diff to previous version
CVE-2019-3824 Out of bound read in ldb_wildcard_compare

Version: 1:1.1.24-0ubuntu0.14.04.1 2016-04-18 13:06:55 UTC

  ldb (1:1.1.24-0ubuntu0.14.04.1) trusty-security; urgency=medium

  * Updated to upstream 1.1.24 as required by Samba security update.
    - debian/patches/01_exclude_symbols: removed, upstream.
    - debian/patches/CVE-2015-3223.patch: removed, upstream.
    - debian/patches/CVE-2015-5330.patch: removed, upstream.
    - debian/rules: adjusted location of files to be cleaned.
    - debian/*.symbols: updated for new version.
    - debian/control: bump tdb Build-Depends.

 -- Marc Deslauriers <email address hidden> Tue, 05 Apr 2016 13:14:18 -0400

Source diff to previous version
CVE-2015-3223 The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7,
CVE-2015-5330 ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, w

Version: 1:1.1.16-1ubuntu0.1 2016-01-05 20:06:20 UTC

  ldb (1:1.1.16-1ubuntu0.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service in ldb_wildcard_compare function
    - debian/patches/CVE-2015-3223.patch: handle empty strings and
      embedded zeros in lib/ldb/common/ldb_match.c.
    - CVE-2015-3223
  * SECURITY UPDATE: information leak via incorrect string length handling
    - debian/patches/CVE-2015-5330.patch: fix string length handling in
      lib/ldb/common/ldb_dn.c.
    - CVE-2015-5330

 -- Marc Deslauriers Mon, 04 Jan 2016 10:14:35 -0500

CVE-2015-3223 The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7,
CVE-2015-5330 ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, w



About   -   Send Feedback to @ubuntu_updates