Format: 1.8
Date: Tue, 02 Feb 2021 11:06:34 -0500
Source: openldap
Binary: ldap-utils libldap-2.4-2 libldap-common libldap2-dev slapd slapd-contrib slapd-smbk5pwd slapi-dev
Architecture: amd64 all amd64_translations
Version: 2.4.49+dfsg-2ubuntu1.6
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon
Changed-By: Marc Deslauriers
Description:
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-common - OpenLDAP common files for libraries
 libldap2-dev - OpenLDAP development libraries
 slapd - OpenLDAP server (slapd)
 slapd-contrib - contributed plugins for OpenLDAP slapd
 slapd-smbk5pwd - transitional package for slapd-contrib
 slapi-dev - development libraries for OpenLDAP SLAPI plugin interface
Changes:
 openldap (2.4.49+dfsg-2ubuntu1.6) focal-security; urgency=medium
 .
   * SECURITY UPDATE: integer underflow in Certificate Exact Assertion processing
     - debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck in servers/slapd/schema_init.c.
     - debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck in servers/slapd/schema_init.c.
     - CVE-2020-36221
   * SECURITY UPDATE: assert failure in saslAuthzTo validation
     - debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in servers/slapd/saslauthz.c.
     - debian/patches/CVE-2020-36222-2.patch: fix debug msg in servers/slapd/saslauthz.c.
     - CVE-2020-36222
   * SECURITY UPDATE: crash in Values Return Filter control handling
     - debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in servers/slapd/controls.c.
     - CVE-2020-36223
   * SECURITY UPDATE: DoS in saslAuthzTo processing
     - debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN in servers/slapd/saslauthz.c.
     - debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev commit in servers/slapd/saslauthz.c.
     - CVE-2020-36224
   * SECURITY UPDATE: DoS in saslAuthzTo processing
     - debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in servers/slapd/dn.c.
     - CVE-2020-36225
   * SECURITY UPDATE: DoS in saslAuthzTo processing
     - debian/patches/CVE-2020-36226.patch: fix slap_parse_user in servers/slapd/saslauthz.c.
     - CVE-2020-36226
   * SECURITY UPDATE: infinite loop in cancel_extop Cancel operation
     - debian/patches/CVE-2020-36227.patch: fix cancel exop in servers/slapd/cancel.c.
     - CVE-2020-36227
   * SECURITY UPDATE: DoS in Certificate List Exact Assertion processing
     - debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in servers/slapd/schema_init.c.
     - CVE-2020-36228
   * SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring
     - debian/patches/CVE-2020-36229.patch: add more checks to ldap_X509dn2bv in libraries/libldap/tls2.c.
     - CVE-2020-36229
   * SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element
     - debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN count in libraries/libldap/tls2.c.
     - CVE-2020-36230
Original-Maintainer: Debian OpenLDAP Maintainers