Format: 1.8
Date: Tue, 02 Feb 2021 11:51:22 -0500
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: i386 i386_translations
Version: 2.4.42+dfsg-2ubuntu3.12
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Marc Deslauriers
Description:
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd - OpenLDAP server (slapd)
 slapd-dbg - Debugging information for the OpenLDAP server (slapd)
 slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Changes:
 openldap (2.4.42+dfsg-2ubuntu3.12) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: integer underflow in Certificate Exact Assertion processing
     - debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck in servers/slapd/schema_init.c.
     - debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck in servers/slapd/schema_init.c.
     - CVE-2020-36221
   * SECURITY UPDATE: assert failure in saslAuthzTo validation
     - debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in servers/slapd/saslauthz.c.
     - debian/patches/CVE-2020-36222-2.patch: fix debug msg in servers/slapd/saslauthz.c.
     - CVE-2020-36222
   * SECURITY UPDATE: crash in Values Return Filter control handling
     - debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in servers/slapd/controls.c.
     - CVE-2020-36223
   * SECURITY UPDATE: DoS in saslAuthzTo processing
     - debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN in servers/slapd/saslauthz.c.
     - debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev commit in servers/slapd/saslauthz.c.
     - CVE-2020-36224
   * SECURITY UPDATE: DoS in saslAuthzTo processing
     - debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in servers/slapd/dn.c.
     - CVE-2020-36225
   * SECURITY UPDATE: DoS in saslAuthzTo processing
     - debian/patches/CVE-2020-36226.patch: fix slap_parse_user in servers/slapd/saslauthz.c.
     - CVE-2020-36226
   * SECURITY UPDATE: infinite loop in cancel_extop Cancel operation
     - debian/patches/CVE-2020-36227.patch: fix cancel exop in servers/slapd/cancel.c.
     - CVE-2020-36227
   * SECURITY UPDATE: DoS in Certificate List Exact Assertion processing
     - debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in servers/slapd/schema_init.c.
     - CVE-2020-36228
   * SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring
     - debian/patches/CVE-2020-36229.patch: add more checks to ldap_X509dn2bv in libraries/libldap/tls2.c.
     - CVE-2020-36229
   * SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element
     - debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN count in libraries/libldap/tls2.c.
     - CVE-2020-36230
Original-Maintainer: Debian OpenLDAP Maintainers