[ubuntu/disco-proposed] ldb 2:1.5.1+really1.4.3-1ubuntu2 (Accepted)

Tue Feb 26 16:54:19 UTC 2019

ldb (2:1.5.1+really1.4.3-1ubuntu2) disco; urgency=medium

  * SECURITY UPDATE: Out of bound read in ldb_wildcard_compare
    - debian/patches/CVE-2019-3824-1.patch: fix length.
    - debian/patches/CVE-2019-3824-2.patch: add extra comments.
    - debian/patches/CVE-2019-3824-3.patch: improve code style.
    - debian/patches/CVE-2019-3824-4.patch: use talloc_zero.
    - debian/patches/CVE-2019-3824-5.patch: check tree operation.
    - debian/patches/CVE-2019-3824-6.patch: fix end of data check.
    - CVE-2019-3824

Date: Tue, 26 Feb 2019 11:37:34 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/ldb/2:1.5.1+really1.4.3-1ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 26 Feb 2019 11:37:34 -0500
Source: ldb
Architecture: source
Version: 2:1.5.1+really1.4.3-1ubuntu2
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 ldb (2:1.5.1+really1.4.3-1ubuntu2) disco; urgency=medium
 .
   * SECURITY UPDATE: Out of bound read in ldb_wildcard_compare
     - debian/patches/CVE-2019-3824-1.patch: fix length.
     - debian/patches/CVE-2019-3824-2.patch: add extra comments.
     - debian/patches/CVE-2019-3824-3.patch: improve code style.
     - debian/patches/CVE-2019-3824-4.patch: use talloc_zero.
     - debian/patches/CVE-2019-3824-5.patch: check tree operation.
     - debian/patches/CVE-2019-3824-6.patch: fix end of data check.
     - CVE-2019-3824
Checksums-Sha1:
 074303a2b52d1a26dced91213e1ad85f1943c7b2 2630 ldb_1.5.1+really1.4.3-1ubuntu2.dsc
 7e2b1e61c427196854c98d11e95a65587f70bfba 20076 ldb_1.5.1+really1.4.3-1ubuntu2.debian.tar.xz
 1448827bd105b414e3f6bee2e2a4da7c038c7352 8313 ldb_1.5.1+really1.4.3-1ubuntu2_source.buildinfo
Checksums-Sha256:
 b9671d85960b66951c7259356eb947d34d82c0a14335c9649d7107c7108566fd 2630 ldb_1.5.1+really1.4.3-1ubuntu2.dsc
 a265517c91da06de14d92c94e203124ca7dfd3ab6cbb8562dd2c7cca7b3c6017 20076 ldb_1.5.1+really1.4.3-1ubuntu2.debian.tar.xz
 a3683ce2f3bb42e0c54a787ae03b83f34aa6b776d3bc0bcc8ef7b36528cec989 8313 ldb_1.5.1+really1.4.3-1ubuntu2_source.buildinfo
Files:
 870f5020e42e6bdbbe1c7c83693d8c1b 2630 devel optional ldb_1.5.1+really1.4.3-1ubuntu2.dsc
 ef4697cddea9a3a49b66a6fd3ea9719a 20076 devel optional ldb_1.5.1+really1.4.3-1ubuntu2.debian.tar.xz
 f83dec2fa234370f8ce20a21213000bf 8313 devel optional ldb_1.5.1+really1.4.3-1ubuntu2_source.buildinfo
Original-Maintainer: Debian Samba Maintainers <pkg-samba-maint at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlx1btoACgkQZWnYVadE
vpOFNxAAgjzbp6cE9Nogd6zwFcaBKkEAlQ9/kl7zM8LoNPFcndrdufQQFop3RTB3
Gml5Ej1zSU6YkKUEQUgsIRLq06bPdfEK0+rCUbHepI07IyLDZtLsUFdMpaLsjQ7m
JW4dbmO4HM0xfUlZ6PKLqiBiy+GOu4qoTGRNqSazqouFUwt0bLqzqd74Rt4xoFXn
JJJR9h7/QtnaMiSS2zj3lHg4PZPjs2T1zNI4pO3lFm8T94wuirHMCXmPFvWaWSfB
PSF0VWQAag+Pz/jgKimJvcqGdRNHIQkAsU4BqqpmzaBT7GRkKMM+lpoRE+IwaRMc
mhIUM4FFLfiquoruPBvFFiRDOJyDKTlm9E6dbBPPZgcsvjOlOZRnXw7z3YtiZUD/
GrylRhJvi9urVyP59TVIRNEnkJor0jIhvGpQ2n7X1KSsK9R+U63fm6wvDzQ60dvz
Y1mbJmI1DRfIsjaPx31RzqSrrK23moxM54yXwO4MYGN5AYk8FIccD3owReeTT61Z
E7v2K/E7t3RzHIKJy5axfJ7EdohPA8yE/38zvMrDBsLIrHaDT8tlGrShF0dEYAfg
7lJ+S6ZF6euG1DbWEjZWSkowW85W3z9ktucjItY5YN3wYULx2vOYYboku/Id5DA8
NPQsC9pLUh58rHycXnHiTyH0V9jFlx0vczy2TfhzFz2IPiVEUSU=
=gDMo
-----END PGP SIGNATURE-----