========================================================================== Ubuntu Security Notice USN-3307-1 June 01, 2017 openldap vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: OpenLDAP could be made to crash if it received specially crafted network traffic. Software Description: - openldap: OpenLDAP utilities Details: Karsten Heymann discovered that OpenLDAP incorrectly handled certain search requests. A remote attacker could use this issue to cause slapd to crash, resulting in a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: slapd 2.4.44+dfsg-3ubuntu2.1 Ubuntu 16.10: slapd 2.4.42+dfsg-2ubuntu4.1 Ubuntu 16.04 LTS: slapd 2.4.42+dfsg-2ubuntu3.2 Ubuntu 14.04 LTS: slapd 2.4.31-1+nmu2ubuntu8.4 In general, a standard system update will make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3307-1 CVE-2017-9287 Package Information: https://launchpad.net/ubuntu/+source/openldap/2.4.44+dfsg-3ubuntu2.1 https://launchpad.net/ubuntu/+source/openldap/2.4.42+dfsg-2ubuntu4.1 https://launchpad.net/ubuntu/+source/openldap/2.4.42+dfsg-2ubuntu3.2 https://launchpad.net/ubuntu/+source/openldap/2.4.31-1+nmu2ubuntu8.4