openldap 2.4.49+dfsg-2ubuntu1.6 source package in Ubuntu
Changelog
openldap (2.4.49+dfsg-2ubuntu1.6) focal-security; urgency=medium

  * SECURITY UPDATE: integer underflow in Certificate Exact Assertion
    processing
    - debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck
      in servers/slapd/schema_init.c.
    - debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck
      in servers/slapd/schema_init.c.
    - CVE-2020-36221
  * SECURITY UPDATE: assert failure in saslAuthzTo validation
    - debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in
      servers/slapd/saslauthz.c.
    - debian/patches/CVE-2020-36222-2.patch: fix debug msg in
      servers/slapd/saslauthz.c.
    - CVE-2020-36222
  * SECURITY UPDATE: crash in Values Return Filter control handling
    - debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in
      servers/slapd/controls.c.
    - CVE-2020-36223
  * SECURITY UPDATE: DoS in saslAuthzTo processing
    - debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN
      in servers/slapd/saslauthz.c.
    - debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev
      commit in servers/slapd/saslauthz.c.
    - CVE-2020-36224
  * SECURITY UPDATE: DoS in saslAuthzTo processing
    - debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in
      servers/slapd/dn.c.
    - CVE-2020-36225
  * SECURITY UPDATE: DoS in saslAuthzTo processing
    - debian/patches/CVE-2020-36226.patch: fix slap_parse_user in
      servers/slapd/saslauthz.c.
    - CVE-2020-36226
  * SECURITY UPDATE: infinite loop in cancel_extop Cancel operation
    - debian/patches/CVE-2020-36227.patch: fix cancel exop in
      servers/slapd/cancel.c.
    - CVE-2020-36227
  * SECURITY UPDATE: DoS in Certificate List Exact Assertion processing
    - debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in
      servers/slapd/schema_init.c.
    - CVE-2020-36228
  * SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring
    - debian/patches/CVE-2020-36229.patch: add more checks to
      ldap_X509dn2bv in libraries/libldap/tls2.c.
    - CVE-2020-36229
  * SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element
    - debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN
      count in libraries/libldap/tls2.c.
    - CVE-2020-36230

 -- Marc Deslauriers <email address hidden>  Tue, 02 Feb 2021 11:06:34 -0500
Upload details
- Uploaded by: Marc Deslauriers
- Uploaded to: Focal
- Original maintainer: Ubuntu Developers
- Architectures: any all
- Section: net
- Urgency: Medium Urgency
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openldap_2.4.49+dfsg.orig.tar.gz | 4.6 MiB | 240022395b438f327aa860a631c1d4eef9b17e63ec8965d3aca2aa983e6d81e6 |
| openldap_2.4.49+dfsg-2ubuntu1.6.debian.tar.xz | 182.3 KiB | 9d78880a0cbdecc1aacf5d54c49528201201490fc5bd181dc4510e3a63315b87 |
| openldap_2.4.49+dfsg-2ubuntu1.6.dsc | 3.1 KiB | 294882e3ec463e40f284d41de788ddad0e167f7ca24e0cb7e86ea49c3bc5889b |
Binary packages built by this source
- ldap-utils: OpenLDAP utilities
  This package provides utilities from the OpenLDAP (Lightweight
  Directory Access Protocol) package. These utilities can access a
  local or remote LDAP server and contain all the client programs
  required to access LDAP servers.
- ldap-utils-dbgsym: debug symbols for ldap-utils
- libldap-2.4-2: OpenLDAP libraries
  These are the run-time libraries for the OpenLDAP (Lightweight Directory
  Access Protocol) servers and clients.
- libldap-2.4-2-dbgsym: debug symbols for libldap-2.4-2
- libldap-common: OpenLDAP common files for libraries
  These are common files for the run-time libraries for the OpenLDAP
  (Lightweight Directory Access Protocol) servers and clients.
- libldap2-dev: OpenLDAP development libraries
  This package allows development of LDAP applications using the OpenLDAP
  libraries. It includes headers, libraries and links to allow static and
  dynamic linking.
- slapd: OpenLDAP server (slapd)
  This is the OpenLDAP (Lightweight Directory Access Protocol) server
  (slapd). The server can be used to provide a standalone directory
  service.
- slapd-contrib: contributed plugins for OpenLDAP slapd
  This package contains a number of slapd overlays and plugins contributed by
  the OpenLDAP community. While distributed as part of OpenLDAP Software, they
  are not necessarily supported by the OpenLDAP Project.
- slapd-contrib-dbgsym: debug symbols for slapd-contrib
- slapd-dbgsym: debug symbols for slapd
- slapd-smbk5pwd: transitional package for slapd-contrib
  This is a transitional package from slapd-smbk5pwd to slapd-contrib. It can be
  safely removed.
- slapi-dev: development libraries for OpenLDAP SLAPI plugin interface
  This package allows development of plugins for the OpenLDAP slapd server
  using the SLAPI interface. It includes the headers and libraries needed
  to build such plugins.
