Change logs for openldap2.2 source package in Feisty
-
openldap2.2 (2.2.26-5ubuntu3) edgy; urgency=low * SECURITY UPDATE: Crash/arbitrary code execution with crafted host names. * servers/slurpd/st.c, St_read(): - Do not sprintf arbitrarily long strings into fixed-size tbuf. - Patch ported from upstream CVS commit: http://www.openldap.org/devel/cvsweb.cgi/servers/slurpd/st.c.diff? r1=1.21&r2=1.22&hideattic=1&sortbydate=0&f=u - CVE-2006-2754 -- Martin Pitt <email address hidden> Mon, 26 Jun 2006 11:37:55 +0000