openldap 2.4.42+dfsg-2ubuntu3.12 source package in Ubuntu
Changelog
openldap (2.4.42+dfsg-2ubuntu3.12) xenial-security; urgency=medium
* SECURITY UPDATE: integer underflow in Certificate Exact Assertion
processing
- debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck
in servers/slapd/schema_init.c.
- debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck
in servers/slapd/schema_init.c.
- CVE-2020-36221
* SECURITY UPDATE: assert failure in saslAuthzTo validation
- debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in
servers/slapd/saslauthz.c.
- debian/patches/CVE-2020-36222-2.patch: fix debug msg in
servers/slapd/saslauthz.c.
- CVE-2020-36222
* SECURITY UPDATE: crash in Values Return Filter control handling
- debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in
servers/slapd/controls.c.
- CVE-2020-36223
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN
in servers/slapd/saslauthz.c.
- debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev
commit in servers/slapd/saslauthz.c.
- CVE-2020-36224
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in
servers/slapd/dn.c.
- CVE-2020-36225
* SECURITY UPDATE: DoS in saslAuthzTo processing
- debian/patches/CVE-2020-36226.patch: fix slap_parse_user in
servers/slapd/saslauthz.c.
- CVE-2020-36226
* SECURITY UPDATE: infinite loop in cancel_extop Cancel operation
- debian/patches/CVE-2020-36227.patch: fix cancel exop in
servers/slapd/cancel.c.
- CVE-2020-36227
* SECURITY UPDATE: DoS in Certificate List Exact Assertion processing
- debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in
servers/slapd/schema_init.c.
- CVE-2020-36228
* SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring
- debian/patches/CVE-2020-36229.patch: add more checks to
ldap_X509dn2bv in libraries/libldap/tls2.c.
- CVE-2020-36229
* SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element
- debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN
count in libraries/libldap/tls2.c.
- CVE-2020-36230
-- Marc Deslauriers <email address hidden> Tue, 02 Feb 2021 11:51:22 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openldap_2.4.42+dfsg.orig.tar.gz | 4.6 MiB | 5f56e4e3584f7a4b4c8437a2c985b2f519836946be77ef1aa43a5d20c02ea97b |
| openldap_2.4.42+dfsg-2ubuntu3.12.debian.tar.xz | 182.0 KiB | 44120f4a8b6aa21a0a6d628e3a2c030c2d2d17fe61580c5495e1aef6476255ca |
| openldap_2.4.42+dfsg-2ubuntu3.12.dsc | 3.0 KiB | ddbe6d65a15521f21df785eb04a88994ad49cf4d1efe5043f8e11b99a1e08fa2 |
Available diffs
Binary packages built by this source
- ldap-utils: OpenLDAP utilities
This package provides utilities from the OpenLDAP (Lightweight
Directory Access Protocol) package. These utilities can access a
local or remote LDAP server and contain all the client programs
required to access LDAP servers.
- ldap-utils-dbgsym: debug symbols for package ldap-utils
This package provides utilities from the OpenLDAP (Lightweight
Directory Access Protocol) package. These utilities can access a
local or remote LDAP server and contain all the client programs
required to access LDAP servers.
- libldap-2.4-2: OpenLDAP libraries
These are the run-time libraries for the OpenLDAP (Lightweight Directory
Access Protocol) servers and clients.
- libldap-2.4-2-dbg: Debugging information for OpenLDAP libraries
This package provides detached debugging information for the OpenLDAP
(Lightweight Directory Access Protocol) libraries. It is useful
primarily to permit better backtraces and crash dump analysis after
problems with the libraries. GDB will find this debug information
automatically.
- libldap-2.4-2-dbgsym: debug symbols for package libldap-2.4-2
These are the run-time libraries for the OpenLDAP (Lightweight Directory
Access Protocol) servers and clients.
- libldap2-dev: OpenLDAP development libraries
This package allows development of LDAP applications using the OpenLDAP
libraries. It includes headers, libraries and links to allow static and
dynamic linking.
- libldap2-dev-dbgsym: debug symbols for package libldap2-dev
This package allows development of LDAP applications using the OpenLDAP
libraries. It includes headers, libraries and links to allow static and
dynamic linking.
- slapd: OpenLDAP server (slapd)
This is the OpenLDAP (Lightweight Directory Access Protocol) server
(slapd). The server can be used to provide a standalone directory
service.
- slapd-dbg: Debugging information for the OpenLDAP server (slapd)
This package provides detached debugging information for the OpenLDAP
(Lightweight Directory Access Protocol) server (slapd). It is useful
primarily to permit better backtraces and crash dump analysis after
problems with the libraries. GDB will find this debug information
automatically.
- slapd-dbgsym: debug symbols for package slapd
This is the OpenLDAP (Lightweight Directory Access Protocol) server
(slapd). The server can be used to provide a standalone directory
service.
- slapd-smbk5pwd: Keeps Samba and Kerberos passwords in sync within slapd.
Extends the PasswordModify Extended Operation to update Kerberos keys
and Samba password hashes for an LDAP user. The Kerberos support is
written for Heimdal using its hdb-ldap backend. The Samba support is
written using the Samba 3.0 LDAP schema.
- slapd-smbk5pwd-dbgsym: debug symbols for package slapd-smbk5pwd
Extends the PasswordModify Extended Operation to update Kerberos keys
and Samba password hashes for an LDAP user. The Kerberos support is
written for Heimdal using its hdb-ldap backend. The Samba support is
written using the Samba 3.0 LDAP schema.
