it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4782-1] openldap security update
- Date: Fri, 30 Oct 2020 18:19:15 +0000
- List-archive: https://lists.debian.org/msgid-search/E1kYYzb-000814-AF AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=2vL3OvNcBX2ZkKNBscHMPng476lfWQ4Z30bDu8udAic=; b=dF 3nffWuz/QFnhIeSepvqd6Z8vg9Yzv57o1mK/xvxwL4k4Vu4+JfBUx6+wsqiBUyB9EHgAfxTGt0YOu YsOBJj7/LBsKz7eh78XM79lulR8zr7bkt01Ni+dUCPfN/0FCtTTpX6v8B/+XMmeWfhFDBKopx+3hz GOrr55ll+njBmMGy6sdLOswkxhHB/qAXSlrwSUDy7XSmeJkhyN32NDGp45Cxpp/BSrTbC0bWP8O7C RHmte8CPK2PIeeKWrWHixnr06KUP2cLFbkj5blaXZ/Jrf3NSVjgXUrvO0ZDQAHG01cxRh1PauUWRo drfAuGBkncWBfCinETKcn+mXf4EiEgnw==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Fri, 30 Oct 2020 18:19:33 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <U0tNZrdilSI.A.wZF.1kFnfB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4782-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
October 30, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openldap
CVE ID : none assigned yet
A vulnerability in the handling of normalization with modrdn was
discovered in OpenLDAP, a free implementation of the Lightweight
Directory Access Protocol. An unauthenticated remote attacker can use
this flaw to cause a denial of service (slapd daemon crash) via a
specially crafted packet.
For the stable distribution (buster), this problem has been fixed in
version 2.4.47+dfsg-3+deb10u3.
We recommend that you upgrade your openldap packages.
For the detailed security status of openldap please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/openldap
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl+cWCBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0R+gg//UhbR24QhftXf5Wz7SZKDxQi/LNi0ug+4amx6FvtDEyKh0Wo5ur12+Ojv
F/7A8Mj9Z6JYWIlP7F61LA2Qhnwem4tvw1/1Is8JbGdi1+KpBurfO5mfK8q9WP8V
n/5t5NNBv69j74Jknz8ZaSyzRQ2vlQQOuMDWt5m/jpU1i/TTzADbfGVBt0HI6pNo
678kBZSrVB37VIEABIz7DpE8H3+O3gX1JFegQHf/dRMUTUNSKba3cmnz+ZoQt7tf
8/w2WryScfsL6laIaOYKtSAFRPum5R/IS/qO3HaGXxVIy2dIk4TENfvxYCHUjyrN
miwMhiZWreN26NjuXnwUyMGAXr/aH8OqHtvI4fGjuNlUTbSaee97vW6dX5EjTMv7
jXU+dolc0IpoJj6wnoH3hogmwfkPyLWoUDad07AkjNGxjAh8LOd85zen4ayXKhXZ
QtxHv/cMyPe92Lh3MlBgaDdrwHnt+o5WeQgMU7wedgfHC0zg4FcS8ljfP6pepOGe
A60SwkwxH2sJcFn1pXqKk+I0y1bP+YbnS9yJKoB0pHwL0iVlZ1fjb0SGSyhOYC4w
a7yZtKD0ssiBggz7syTAvv8PCZmkcdWY0AjNtgk9Nn858bFI3k+X4Q/4KuAXFDcg
nja3R4qOO+8j3eCcf4Aa9/gKl4GcUyauoelg75EJZmDCWiXFWaI=
=BKmO
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4782-1] openldap security update, Salvatore Bonaccorso, 30.10.2020
Archiv bereitgestellt durch MHonArc 2.6.19.