Debian Linux Security Advisory 4845-1 - Several vulnerabilities were discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of these flaws to cause a denial of service (slapd daemon crash, infinite loops) via specially crafted packets.
93d9bd640781dd21a67eca3c27b1a0e8b18464cca9960cea70eccb7f6a636db7-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-4845-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
February 03, 2021 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : openldap
CVE ID : CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224
CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228
CVE-2020-36229 CVE-2020-36230
Several vulnerabilities were discovered in OpenLDAP, a free
implementation of the Lightweight Directory Access Protocol. An
unauthenticated remote attacker can take advantage of these flaws to
cause a denial of service (slapd daemon crash, infinite loops) via
specially crafted packets.
For the stable distribution (buster), these problems have been fixed in
version 2.4.47+dfsg-3+deb10u5.
We recommend that you upgrade your openldap packages.
For the detailed security status of openldap please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/openldap
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmAacX5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0QPFg//fcGz69i33dnT0T9ZUCkW1x73lEHKb74p2Cj10rcTnl3NSbX8EmAUagke
oMBeMezDtY7SCjvli4KlgrvCMKes4l6BhXe+HH475CZUHKtyhx/+y5kGjL4BM3kJ
hZYkntsbU5ssg+O+Xdf0fERcxV9HVub4jIFh7r/0zWJriyXHhoz6eVnB+gRL/V9S
BrDq5DgP6lXrbcUStBu1Wpq0HV85r9vi8TQHK+gSRQN0ckFo3q8MZuzL49VU6JAF
PDruJLd7c7ahtyIm2nri3BzDPO8z39h7IoeKD9Xnsl1vk+E1sFXKrJbFE9TVLIJW
9YDU+uDkYpy/ZcSFLQg2yikrFFPjoniKLJvh33mqlji4Wfz6y1jULSWGakILYOua
ZOobdHbQ6kEz9wxpHFCNz7OQEbtXxqFAv6WiDZKicU0ehCbfTqQs6q5T42atm1Mc
E9cbGGS18y9PoPv7MvAeAGA2fAL+E07z4Yivoxw7PfaEYkFZhc/SDcpgDtyKlgrz
EleAM/bR2U/tWK7Y0t5X9wLYNSnlqV0eEVNGlC1sySh4ZeinMMvOc602W2t8rSrd
Gzuiq1pORb6MzsmzGnmo6Vc7vgGKo/m2JNg0XOBRQO2tSmSilKlactvfwKcxxUnp
veL7V3mHGvtaz0yjiPzljiZcTT1G72yrXfz+aJtpu4LS9HUY350=
=gnr5
-----END PGP SIGNATURE-----
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed