Package "slapd"
Name: |
slapd
|
Description: |
OpenLDAP server (slapd)
|
Latest version: |
2.4.28-1.1ubuntu4.12 |
Release: |
precise (12.04) |
Level: |
updates |
Repository: |
main |
Head package: |
openldap |
Homepage: |
http://www.openldap.org/ |
Links
Download "slapd"
Other versions of "slapd" in Precise
Changelog
openldap (2.4.28-1.1ubuntu4.12) precise-security; urgency=medium
[ Marc Deslauriers ]
* SECURITY UPDATE: assertion failure in Certificate List syntax
validation
- debian/patches/CVE-2020-25709.patch: properly handle error in
servers/slapd/schema_init.c.
- CVE-2020-25709
* SECURITY UPDATE: assertion failure in CSN normalization with invalid
input
- debian/patches/CVE-2020-25710.patch: properly handle error in
servers/slapd/schema_init.c.
- CVE-2020-25710
-- <email address hidden> (Leonidas S. Barbosa) Fri, 20 Nov 2020 11:16:57 -0300
|
Source diff to previous version |
CVE-2020-25709 |
assertion failure in Certificate List syntax validation |
CVE-2020-25710 |
assertion failure in CSN normalization with invalid input |
|
openldap (2.4.28-1.1ubuntu4.6) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via crafted BER data
- debian/patches/CVE-2015-6908.patch: remove obsolete assert in
libraries/liblber/io.c.
- CVE-2015-6908
* SECURITY UPDATE: user impersonation via incorrect default permissions
- debian/slapd.init.ldif: disallow modifying one's own entry by
default.
- CVE-2014-9713
-- Marc Deslauriers Mon, 14 Sep 2015 10:37:35 -0400
|
Source diff to previous version |
CVE-2015-6908 |
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable as |
CVE-2014-9713 |
The default slapd configuration in the Debian openldap package 2.4.23-3 through 2.4.39-1.1 allows remote authenticated users to modify the user's per |
|
openldap (2.4.28-1.1ubuntu4.5) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via an LDAP search query
with attrsOnly set to true. (LP: #1446809)
- debian/patches/CVE-2012-1164.1.patch: don't leave empty slots in
normalized attr values
- debian/patches/CVE-2012-1164.2.patch: add FIXME comment, note that
current patch is not ideal
- debian/patches/CVE-2012-1164.3.patch: fix attr_dup2 when no values are
present (attrsOnly = TRUE)
- CVE-2012-1164
* SECURITY UPDATE: fix rwm overlay reference counting
- debian/patches/CVE-2013-4449.patch: fix reference counting
- CVE-2013-4449
* SECURITY UPDATE: fix NULL pointer dereference in deref_parseCtrl()
- debian/patches/CVE-2015-1545.patch: require non-empty AttributeList
- CVE-2015-1545
-- Felipe Reyes <email address hidden> Tue, 19 May 2015 11:53:17 -0300
|
Source diff to previous version |
1446809 |
[SRU] denial of service via an LDAP search query (CVE-2012-1164, CVE-2013-4449, CVE-2015-1545) |
CVE-2012-1164 |
slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query wit |
CVE-2013-4449 |
The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of servic |
CVE-2015-1545 |
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service |
|
openldap (2.4.28-1.1ubuntu4.4) precise-proposed; urgency=low
* Backport fix for back-mdb, fixes crash when deleting an entry
that contains an indexed numeric attribute (LP: #1216650):
- d/patches/its-7174-lutil_str2bin-cant-modify-input-strings.patch:
Upstream patch to make sure that lutil_str2bin does not
attempt to modify its input.
-- Roel Standaert <email address hidden> Sat, 31 Aug 2013 08:29:45 +0200
|
Source diff to previous version |
1216650 |
slapd crashed with SIGSEGV in lutil_str2bin() when using mdb |
|
openldap (2.4.28-1.1ubuntu4.3) precise-proposed; urgency=low
* Avoid deadlocks in back-bdb that truncate slapcat output (LP: #1185908):
- d/patches/bdb-deadlock.patch: Patch copied from Debian #673038
-- Ryan Tandy <email address hidden> Tue, 04 Jun 2013 09:00:09 -0700
|
1185908 |
slapd: slapcat output truncated every now and then |
|
About
-
Send Feedback to @ubuntu_updates