openldap 2.4.49+dfsg-2ubuntu1.6 source package in Ubuntu
Changelog
openldap (2.4.49+dfsg-2ubuntu1.6) focal-security; urgency=medium * SECURITY UPDATE: integer underflow in Certificate Exact Assertion processing - debian/patches/CVE-2020-36221-1.patch: fix serialNumberAndIssuerCheck in servers/slapd/schema_init.c. - debian/patches/CVE-2020-36221-2.patch: fix serialNumberAndIssuerCheck in servers/slapd/schema_init.c. - CVE-2020-36221 * SECURITY UPDATE: assert failure in saslAuthzTo validation - debian/patches/CVE-2020-36222-1.patch: remove saslauthz asserts in servers/slapd/saslauthz.c. - debian/patches/CVE-2020-36222-2.patch: fix debug msg in servers/slapd/saslauthz.c. - CVE-2020-36222 * SECURITY UPDATE: crash in Values Return Filter control handling - debian/patches/CVE-2020-36223.patch: fix vrfilter double-free in servers/slapd/controls.c. - CVE-2020-36223 * SECURITY UPDATE: DoS in saslAuthzTo processing - debian/patches/CVE-2020-36224-1.patch: use ch_free on normalized DN in servers/slapd/saslauthz.c. - debian/patches/CVE-2020-36224-2.patch: use slap_sl_free in prev commit in servers/slapd/saslauthz.c. - CVE-2020-36224 * SECURITY UPDATE: DoS in saslAuthzTo processing - debian/patches/CVE-2020-36225.patch: fix AVA_Sort on invalid RDN in servers/slapd/dn.c. - CVE-2020-36225 * SECURITY UPDATE: DoS in saslAuthzTo processing - debian/patches/CVE-2020-36226.patch: fix slap_parse_user in servers/slapd/saslauthz.c. - CVE-2020-36226 * SECURITY UPDATE: infinite loop in cancel_extop Cancel operation - debian/patches/CVE-2020-36227.patch: fix cancel exop in servers/slapd/cancel.c. - CVE-2020-36227 * SECURITY UPDATE: DoS in Certificate List Exact Assertion processing - debian/patches/CVE-2020-36228.patch: fix issuerAndThisUpdateCheck in servers/slapd/schema_init.c. - CVE-2020-36228 * SECURITY UPDATE: DoS in X.509 DN parsing in ad_keystring - debian/patches/CVE-2020-36229.patch: add more checks to ldap_X509dn2bv in libraries/libldap/tls2.c. - CVE-2020-36229 * SECURITY UPDATE: DoS in X.509 DN parsing in ber_next_element - debian/patches/CVE-2020-36230.patch: check for invalid BER after RDN count in libraries/libldap/tls2.c. - CVE-2020-36230 -- Marc Deslauriers <email address hidden> Tue, 02 Feb 2021 11:06:34 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openldap_2.4.49+dfsg.orig.tar.gz | 4.6 MiB | 240022395b438f327aa860a631c1d4eef9b17e63ec8965d3aca2aa983e6d81e6 |
openldap_2.4.49+dfsg-2ubuntu1.6.debian.tar.xz | 182.3 KiB | 9d78880a0cbdecc1aacf5d54c49528201201490fc5bd181dc4510e3a63315b87 |
openldap_2.4.49+dfsg-2ubuntu1.6.dsc | 3.1 KiB | 294882e3ec463e40f284d41de788ddad0e167f7ca24e0cb7e86ea49c3bc5889b |
Available diffs
Binary packages built by this source
- ldap-utils: OpenLDAP utilities
This package provides utilities from the OpenLDAP (Lightweight
Directory Access Protocol) package. These utilities can access a
local or remote LDAP server and contain all the client programs
required to access LDAP servers.
- ldap-utils-dbgsym: debug symbols for ldap-utils
- libldap-2.4-2: OpenLDAP libraries
These are the run-time libraries for the OpenLDAP (Lightweight Directory
Access Protocol) servers and clients.
- libldap-2.4-2-dbgsym: debug symbols for libldap-2.4-2
- libldap-common: OpenLDAP common files for libraries
These are common files for the run-time libraries for the OpenLDAP
(Lightweight Directory Access Protocol) servers and clients.
- libldap2-dev: OpenLDAP development libraries
This package allows development of LDAP applications using the OpenLDAP
libraries. It includes headers, libraries and links to allow static and
dynamic linking.
- slapd: OpenLDAP server (slapd)
This is the OpenLDAP (Lightweight Directory Access Protocol) server
(slapd). The server can be used to provide a standalone directory
service.
- slapd-contrib: contributed plugins for OpenLDAP slapd
This package contains a number of slapd overlays and plugins contributed by
the OpenLDAP community. While distributed as part of OpenLDAP Software, they
are not necessarily supported by the OpenLDAP Project.
- slapd-contrib-dbgsym: debug symbols for slapd-contrib
- slapd-dbgsym: debug symbols for slapd
- slapd-smbk5pwd: transitional package for slapd-contrib
This is a transitional package from slapd-smbk5pwd to slapd-contrib. It can be
safely removed.
- slapi-dev: development libraries for OpenLDAP SLAPI plugin interface
This package allows development of plugins for the OpenLDAP slapd server
using the SLAPI interface. It includes the headers and libraries needed
to build such plugins.