openldap 2.4.28-1.1ubuntu4.5 source package in Ubuntu

Changelog

openldap (2.4.28-1.1ubuntu4.5) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via an LDAP search query
    with attrsOnly set to true. (LP: #1446809)
    - debian/patches/CVE-2012-1164.1.patch: don't leave empty slots in
      normalized attr values
    - debian/patches/CVE-2012-1164.2.patch: add FIXME comment, note that
      current patch is not ideal
    - debian/patches/CVE-2012-1164.3.patch: fix attr_dup2 when no values are
      present (attrsOnly = TRUE)
    - CVE-2012-1164
  * SECURITY UPDATE: fix rwm overlay reference counting
    - debian/patches/CVE-2013-4449.patch: fix reference counting
    - CVE-2013-4449
  * SECURITY UPDATE: fix NULL pointer dereference in deref_parseCtrl()
    - debian/patches/CVE-2015-1545.patch: require non-empty AttributeList
    - CVE-2015-1545

 -- Felipe Reyes <email address hidden>  Tue, 19 May 2015 11:53:17 -0300

Upload details

Uploaded by:
Felipe Reyes on 2015-05-25
Sponsored by:
Marc Deslauriers
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
openldap_2.4.28.orig.tar.gz 4.5 MiB 1fcc10fc22d9ffff7940df76135a4a349ea4c6d1ec212e4542493a500e85448a
openldap_2.4.28-1.1ubuntu4.5.diff.gz 175.2 KiB 0eb040b3081a041617b145f4cc4af057d6e073e3e81193984258215a8c18ad76
openldap_2.4.28-1.1ubuntu4.5.dsc 2.8 KiB 725324159c9701b6057610c576829213cd13b51df4e396fd2a993fdb427b147c

View changes file

Binary packages built by this source

ldap-utils: OpenLDAP utilities

 This package provides utilities from the OpenLDAP (Lightweight
 Directory Access Protocol) package. These utilities can access a
 local or remote LDAP server and contain all the client programs
 required to access LDAP servers.

ldap-utils-dbgsym: debug symbols for package ldap-utils

 This package provides utilities from the OpenLDAP (Lightweight
 Directory Access Protocol) package. These utilities can access a
 local or remote LDAP server and contain all the client programs
 required to access LDAP servers.

libldap-2.4-2: OpenLDAP libraries

 These are the run-time libraries for the OpenLDAP (Lightweight Directory
 Access Protocol) servers and clients.

libldap-2.4-2-dbg: Debugging information for OpenLDAP libraries

 This package provides detached debugging information for the OpenLDAP
 (Lightweight Directory Access Protocol) libraries. It is useful
 primarily to permit better backtraces and crash dump analysis after
 problems with the libraries. GDB will find this debug information
 automatically.

libldap-2.4-2-dbgsym: debug symbols for package libldap-2.4-2

 These are the run-time libraries for the OpenLDAP (Lightweight Directory
 Access Protocol) servers and clients.

libldap2-dev: OpenLDAP development libraries

 This package allows development of LDAP applications using the OpenLDAP
 libraries. It includes headers, libraries and links to allow static and
 dynamic linking.

slapd: OpenLDAP server (slapd)

 This is the OpenLDAP (Lightweight Directory Access Protocol) server
 (slapd). The server can be used to provide a standalone directory
 service.

slapd-dbg: Debugging information for the OpenLDAP server (slapd)

 This package provides detached debugging information for the OpenLDAP
 (Lightweight Directory Access Protocol) server (slapd). It is useful
 primarily to permit better backtraces and crash dump analysis after
 problems with the libraries. GDB will find this debug information
 automatically.

slapd-dbgsym: debug symbols for package slapd

 This is the OpenLDAP (Lightweight Directory Access Protocol) server
 (slapd). The server can be used to provide a standalone directory
 service.