[ubuntu/dapper-security] openldap2.2, openldap2.2 (delayed) 2.2.26-5ubuntu2.10 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Aug 9 23:06:13 BST 2010 

openldap2.2 (2.2.26-5ubuntu2.10) dapper-security; urgency=low

  * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
    - servers/slapd/modrdn.c: check return for errors and clean up uninitialized data
    - servers/slapd/dn.c: return error on 0-length or binary RDNs
    - servers/slapd/schema_init.c: return error on invalid syntax
    - References
      CVE-2010-0211, CVE-2010-0212
      http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.7&r2=1.170.2.8
      http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/dn.c.diff?r1=1.182.2.15&r2=1.182.2.16
      http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/schema_init.c.diff?r1=1.386.2.39&r2=1.386.2.40

Date: Thu, 29 Jul 2010 16:25:34 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Torsten Landschoff <torsten at debian.org>
https://launchpad.net/ubuntu/dapper/+source/openldap2.2/2.2.26-5ubuntu2.10
-------------- next part --------------
Format: 1.7
Date: Thu, 29 Jul 2010 16:25:34 -0700
Source: openldap2.2
Binary: slapd ldap-utils libldap-2.2-7
Architecture: source
Version: 2.2.26-5ubuntu2.10
Distribution: dapper-security
Urgency: low
Maintainer: Torsten Landschoff <torsten at debian.org>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.2-7 - OpenLDAP libraries
 slapd      - OpenLDAP server (slapd)
Changes: 
 openldap2.2 (2.2.26-5ubuntu2.10) dapper-security; urgency=low
 .
   * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
     - servers/slapd/modrdn.c: check return for errors and clean up uninitialized data
     - servers/slapd/dn.c: return error on 0-length or binary RDNs
     - servers/slapd/schema_init.c: return error on invalid syntax
     - References
       CVE-2010-0211, CVE-2010-0212
       http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/modrdn.c.diff?r1=1.170.2.7&r2=1.170.2.8
       http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/dn.c.diff?r1=1.182.2.15&r2=1.182.2.16
       http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/schema_init.c.diff?r1=1.386.2.39&r2=1.386.2.40
Files: 
 d667c44fbed4302c7e791de823c92101 1671 net optional openldap2.2_2.2.26-5ubuntu2.10.dsc
 c8f27c0b3f97fc0fe6681ca49f889853 517754 net optional openldap2.2_2.2.26-5ubuntu2.10.diff.gz

More information about the dapper-changes mailing list