Format: 1.8 Date: Fri, 26 Jul 2019 13:21:00 -0400 Source: openldap Binary: ldap-utils libldap-2.4-2 libldap-common libldap2-dev slapd slapd-contrib slapd-smbk5pwd slapi-dev Architecture: amd64 all amd64_translations Version: 2.4.47+dfsg-3ubuntu2.1 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: ldap-utils - OpenLDAP utilities libldap-2.4-2 - OpenLDAP libraries libldap-common - OpenLDAP common files for libraries libldap2-dev - OpenLDAP development libraries slapd - OpenLDAP server (slapd) slapd-contrib - contributed plugins for OpenLDAP slapd slapd-smbk5pwd - transitional package for slapd-contrib slapi-dev - development libraries for OpenLDAP SLAPI plugin interface Changes: openldap (2.4.47+dfsg-3ubuntu2.1) disco-security; urgency=medium . * SECURITY UPDATE: rootDN proxyauthz not restricted to its own databases - debian/patches/CVE-2019-13057-1.patch: add restriction to servers/slapd/saslauthz.c. - debian/patches/CVE-2019-13057-2.patch: add tests to tests/data/idassert.out, tests/data/slapd-idassert.conf, tests/data/test-idassert1.ldif, tests/scripts/test028-idassert. - debian/patches/CVE-2019-13057-3.patch: fix typo in tests/scripts/test028-idassert. - debian/patches/CVE-2019-13057-4.patch: fix typo in tests/scripts/test028-idassert. - CVE-2019-13057 * SECURITY UPDATE: SASL SSF not initialized per connection - debian/patches/CVE-2019-13565.patch: zero out sasl_ssf in connection_init in servers/slapd/connection.c. - CVE-2019-13565 Checksums-Sha1: 6bebb48f1706098760b1824722b908506527ffee 535480 ldap-utils-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb 00a653019cef366fa560b13b9688c618960e0eea 125580 ldap-utils_2.4.47+dfsg-3ubuntu2.1_amd64.deb fd619a7d6658e7aef6ed5b1deb5be6bdfeb5e99d 537684 libldap-2.4-2-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb d41e213118c1046ca0539f42a337332d3df8a9d7 155168 libldap-2.4-2_2.4.47+dfsg-3ubuntu2.1_amd64.deb 0597618ca7558b14423fb12526d3b1085f88bfb8 16852 libldap-common_2.4.47+dfsg-3ubuntu2.1_all.deb b46d2208753b39576a07fc05054a8493d8a33cbf 261416 libldap2-dev_2.4.47+dfsg-3ubuntu2.1_amd64.deb 709e740386d8453c02c4ceadcfa0e0d2cd68f1a3 11027 openldap_2.4.47+dfsg-3ubuntu2.1_amd64.buildinfo f4dc74f0222e2b5487537557a422ef4a53fe1593 64973 openldap_2.4.47+dfsg-3ubuntu2.1_amd64_translations.tar.gz 15a53327029bfdb3099a2500402c99e1bc1603a6 61960 slapd-contrib-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb a2dd35b70987c1f9a61549d1a6142779368365d7 24508 slapd-contrib_2.4.47+dfsg-3ubuntu2.1_amd64.deb bd79e6e1c46325a06b0b0a4dd1467e7e66154de8 7153888 slapd-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb a2ef9ef22fa88068e160ab33d8a25b8cb5e1bf5b 7184 slapd-smbk5pwd_2.4.47+dfsg-3ubuntu2.1_all.deb f1b13eb12bdcf937c29bc987996678bc3bcf1d09 1397892 slapd_2.4.47+dfsg-3ubuntu2.1_amd64.deb 3328bf180c3fe4859714fe0e5e72723e25ffd062 14640 slapi-dev_2.4.47+dfsg-3ubuntu2.1_amd64.deb Checksums-Sha256: 1a5b426e9bbe5f6ee2023fd0c202f494ee106db728a2a5109d47193421f3558a 535480 ldap-utils-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb f4cb5dbf0818da23d4a80223902064a9c534f11bf968c8f6662f246a810e7510 125580 ldap-utils_2.4.47+dfsg-3ubuntu2.1_amd64.deb 111c8919ca344903b00e4381b8bdbe98733c97eb68191082d1b1bed798d65621 537684 libldap-2.4-2-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb e9731c80f90733232a1c76c7abf5a3745f3815e102f76e327ea4a346337d61f4 155168 libldap-2.4-2_2.4.47+dfsg-3ubuntu2.1_amd64.deb 197046ee3bb5677bf9f11d8b3e720d7f545dfe8c9ad895eac6df93ea2f8bc3f6 16852 libldap-common_2.4.47+dfsg-3ubuntu2.1_all.deb 2cadf3a76c31d627d07350ef03d8209a572110da206a58f4135e1c07a8a6f809 261416 libldap2-dev_2.4.47+dfsg-3ubuntu2.1_amd64.deb de63c375b1aa005145d81344e30e74ac478bbfa3ef869df1b9e7223bf026a2f3 11027 openldap_2.4.47+dfsg-3ubuntu2.1_amd64.buildinfo e6814f6108a5d44c789cee0610fe7263fe2ddfb6a61d72bdaa1f2a9dd0ec1e07 64973 openldap_2.4.47+dfsg-3ubuntu2.1_amd64_translations.tar.gz 4b80efa131111c2efa2973d76cbee687b6549f788eb1628304819ae45b3d6939 61960 slapd-contrib-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb 419a67482519909a4750601a57faa9483198217c5dedd8905f9e44cb5fc6e1fd 24508 slapd-contrib_2.4.47+dfsg-3ubuntu2.1_amd64.deb 9eb59e01b8a937a6a8a5c7034a5b0d34ae2e0a3e665b8a1f4605f5939c554ab2 7153888 slapd-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb 5d4bc640d550c9c0c6435ff9dc5b527bb4158bf7c81d11949515b1aec6426a56 7184 slapd-smbk5pwd_2.4.47+dfsg-3ubuntu2.1_all.deb cafe6d45142e703b3765aea385837c8c12ba370cb15a388b56a97e679edd4fb6 1397892 slapd_2.4.47+dfsg-3ubuntu2.1_amd64.deb 7f14dff6a11ba1511fa0e00b8f7203d24345812cb0dbf3ad5ec1f94e2dbc2193 14640 slapi-dev_2.4.47+dfsg-3ubuntu2.1_amd64.deb Files: 75b45653e6e2da203581331cb3040191 535480 debug optional ldap-utils-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb 2d2e05672d223253642eefd4692e85c5 125580 net optional ldap-utils_2.4.47+dfsg-3ubuntu2.1_amd64.deb 2475a0c0ac3c45cf013f24ce8db0b2a1 537684 debug optional libldap-2.4-2-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb 837f3bb752533a611e7e96f880e28b97 155168 libs optional libldap-2.4-2_2.4.47+dfsg-3ubuntu2.1_amd64.deb c964b2843d5af94fed2ebc01ea05e893 16852 libs optional libldap-common_2.4.47+dfsg-3ubuntu2.1_all.deb 7d56d043359f8add2a5bb30a1f74848d 261416 libdevel optional libldap2-dev_2.4.47+dfsg-3ubuntu2.1_amd64.deb befc09f7be3774e63215fadb9db7145f 11027 net optional openldap_2.4.47+dfsg-3ubuntu2.1_amd64.buildinfo fc71cb32b9a73896b11d9cff672d03e4 64973 raw-translations - openldap_2.4.47+dfsg-3ubuntu2.1_amd64_translations.tar.gz 5b71345426b33a449056d56c1a9d06c1 61960 debug optional slapd-contrib-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb b6afa10c0edffae18b223b5eb8b25e44 24508 net optional slapd-contrib_2.4.47+dfsg-3ubuntu2.1_amd64.deb 58ef95420078b00d795f3532088564fc 7153888 debug optional slapd-dbgsym_2.4.47+dfsg-3ubuntu2.1_amd64.ddeb 4d4c93bc540775fd543aceae55931a77 7184 oldlibs optional slapd-smbk5pwd_2.4.47+dfsg-3ubuntu2.1_all.deb 7164abfa27cd5d99370b66739ff71f03 1397892 net optional slapd_2.4.47+dfsg-3ubuntu2.1_amd64.deb 8f1260bab6ce217979660eeb55b26582 14640 libdevel optional slapi-dev_2.4.47+dfsg-3ubuntu2.1_amd64.deb Original-Maintainer: Debian OpenLDAP Maintainers