it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Salvatore Bonaccorso <carnil AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 4845-1] openldap security update
- Date: Wed, 03 Feb 2021 09:53:09 +0000
- List-archive: https://lists.debian.org/msgid-search/E1l7EqT-00064m-Kn AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=prMx+0uqst+FzMGvVrAOEUpjOHzpcCR3DUd6xrHDfTo=; b=LG 84S4aKUesHNO1H37rWL38TEw8BDbmaQeshwfRprabdreZ0pHlE8mGl0aKKtZYPRZqytB87FVp2EOM 7OL8r8oDDWOHo9gFpH4SbVj9hSFHqNdsiMhinKURldFTtSInL4Qq5UDVW8vG40kzy2XrAyyDcKDKN yn5kDJLfad06yyj55YaCIIaQHdjVVjEzUf884Y2jdYMySqj/vq4HcfkdU8WbpWJx6YkiVadFyJoH5 svQvMkL/PPBg3MZgXNTxH1IV8pqSKChBkPEwAsdsUFXYqFULVgWhdamyHRDphkcze3S2iUHCKjjjE fJJ+yd1tqYHgP/0fQTobtgodgmp4sGpw==;
- Old-return-path: <carnil AT seger.debian.org>
- Priority: urgent
- Resent-date: Wed, 3 Feb 2021 09:53:25 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <PWj5QXP_eiE.A.6CB.VKnGgB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4845-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 03, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openldap
CVE ID : CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224
CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228
CVE-2020-36229 CVE-2020-36230
Several vulnerabilities were discovered in OpenLDAP, a free
implementation of the Lightweight Directory Access Protocol. An
unauthenticated remote attacker can take advantage of these flaws to
cause a denial of service (slapd daemon crash, infinite loops) via
specially crafted packets.
For the stable distribution (buster), these problems have been fixed in
version 2.4.47+dfsg-3+deb10u5.
We recommend that you upgrade your openldap packages.
For the detailed security status of openldap please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/openldap
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAacX5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QPFg//fcGz69i33dnT0T9ZUCkW1x73lEHKb74p2Cj10rcTnl3NSbX8EmAUagke
oMBeMezDtY7SCjvli4KlgrvCMKes4l6BhXe+HH475CZUHKtyhx/+y5kGjL4BM3kJ
hZYkntsbU5ssg+O+Xdf0fERcxV9HVub4jIFh7r/0zWJriyXHhoz6eVnB+gRL/V9S
BrDq5DgP6lXrbcUStBu1Wpq0HV85r9vi8TQHK+gSRQN0ckFo3q8MZuzL49VU6JAF
PDruJLd7c7ahtyIm2nri3BzDPO8z39h7IoeKD9Xnsl1vk+E1sFXKrJbFE9TVLIJW
9YDU+uDkYpy/ZcSFLQg2yikrFFPjoniKLJvh33mqlji4Wfz6y1jULSWGakILYOua
ZOobdHbQ6kEz9wxpHFCNz7OQEbtXxqFAv6WiDZKicU0ehCbfTqQs6q5T42atm1Mc
E9cbGGS18y9PoPv7MvAeAGA2fAL+E07z4Yivoxw7PfaEYkFZhc/SDcpgDtyKlgrz
EleAM/bR2U/tWK7Y0t5X9wLYNSnlqV0eEVNGlC1sySh4ZeinMMvOc602W2t8rSrd
Gzuiq1pORb6MzsmzGnmo6Vc7vgGKo/m2JNg0XOBRQO2tSmSilKlactvfwKcxxUnp
veL7V3mHGvtaz0yjiPzljiZcTT1G72yrXfz+aJtpu4LS9HUY350=
=gnr5
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 4845-1] openldap security update, Salvatore Bonaccorso, 03.02.2021
Archiv bereitgestellt durch MHonArc 2.6.24.