openldap 2.4.42+dfsg-2ubuntu3.6 source package in Ubuntu

Changelog

openldap (2.4.42+dfsg-2ubuntu3.6) xenial-security; urgency=medium

  * SECURITY UPDATE: rootDN proxyauthz not restricted to its own databases
    - debian/patches/CVE-2019-13057-1.patch: add restriction to
      servers/slapd/saslauthz.c.
    - debian/patches/CVE-2019-13057-2.patch: add tests to
      tests/data/idassert.out, tests/data/slapd-idassert.conf,
      tests/data/test-idassert1.ldif, tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-3.patch: fix typo in
      tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-4.patch: fix typo in
      tests/scripts/test028-idassert.
    - CVE-2019-13057
  * SECURITY UPDATE: SASL SSF not initialized per connection
    - debian/patches/CVE-2019-13565.patch: zero out sasl_ssf in
      connection_init in servers/slapd/connection.c.
    - CVE-2019-13565

 -- Marc Deslauriers <email address hidden>  Fri, 26 Jul 2019 13:28:04 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2019-07-29
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial security on 2019-07-30 main net

Downloads

File Size SHA-256 Checksum
openldap_2.4.42+dfsg.orig.tar.gz 4.6 MiB 5f56e4e3584f7a4b4c8437a2c985b2f519836946be77ef1aa43a5d20c02ea97b
openldap_2.4.42+dfsg-2ubuntu3.6.debian.tar.xz 176.4 KiB 442ee321317fccfcfae8bdb9e90caa7818c2ceebf5d0b5a2e10cc266ecc3ec6a
openldap_2.4.42+dfsg-2ubuntu3.6.dsc 3.0 KiB ad6f9ad3a6f5134a753abbb1877a78b63990d39b1337b809c7b87e56e1e25a7b

View changes file

Binary packages built by this source

ldap-utils: OpenLDAP utilities

 This package provides utilities from the OpenLDAP (Lightweight
 Directory Access Protocol) package. These utilities can access a
 local or remote LDAP server and contain all the client programs
 required to access LDAP servers.

ldap-utils-dbgsym: debug symbols for package ldap-utils

 This package provides utilities from the OpenLDAP (Lightweight
 Directory Access Protocol) package. These utilities can access a
 local or remote LDAP server and contain all the client programs
 required to access LDAP servers.

libldap-2.4-2: OpenLDAP libraries

 These are the run-time libraries for the OpenLDAP (Lightweight Directory
 Access Protocol) servers and clients.

libldap-2.4-2-dbg: Debugging information for OpenLDAP libraries

 This package provides detached debugging information for the OpenLDAP
 (Lightweight Directory Access Protocol) libraries. It is useful
 primarily to permit better backtraces and crash dump analysis after
 problems with the libraries. GDB will find this debug information
 automatically.

libldap-2.4-2-dbgsym: debug symbols for package libldap-2.4-2

 These are the run-time libraries for the OpenLDAP (Lightweight Directory
 Access Protocol) servers and clients.

libldap2-dev: OpenLDAP development libraries

 This package allows development of LDAP applications using the OpenLDAP
 libraries. It includes headers, libraries and links to allow static and
 dynamic linking.

libldap2-dev-dbgsym: debug symbols for package libldap2-dev

 This package allows development of LDAP applications using the OpenLDAP
 libraries. It includes headers, libraries and links to allow static and
 dynamic linking.

slapd: OpenLDAP server (slapd)

 This is the OpenLDAP (Lightweight Directory Access Protocol) server
 (slapd). The server can be used to provide a standalone directory
 service.

slapd-dbg: Debugging information for the OpenLDAP server (slapd)

 This package provides detached debugging information for the OpenLDAP
 (Lightweight Directory Access Protocol) server (slapd). It is useful
 primarily to permit better backtraces and crash dump analysis after
 problems with the libraries. GDB will find this debug information
 automatically.

slapd-dbgsym: debug symbols for package slapd

 This is the OpenLDAP (Lightweight Directory Access Protocol) server
 (slapd). The server can be used to provide a standalone directory
 service.

slapd-smbk5pwd: Keeps Samba and Kerberos passwords in sync within slapd.

 Extends the PasswordModify Extended Operation to update Kerberos keys
 and Samba password hashes for an LDAP user. The Kerberos support is
 written for Heimdal using its hdb-ldap backend. The Samba support is
 written using the Samba 3.0 LDAP schema.

slapd-smbk5pwd-dbgsym: debug symbols for package slapd-smbk5pwd

 Extends the PasswordModify Extended Operation to update Kerberos keys
 and Samba password hashes for an LDAP user. The Kerberos support is
 written for Heimdal using its hdb-ldap backend. The Samba support is
 written using the Samba 3.0 LDAP schema.