[ubuntu/eoan-proposed] openldap 2.4.47+dfsg-3ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Jul 29 12:41:12 UTC 2019


openldap (2.4.47+dfsg-3ubuntu3) eoan; urgency=medium

  * SECURITY UPDATE: rootDN proxyauthz not restricted to its own databases
    - debian/patches/CVE-2019-13057-1.patch: add restriction to
      servers/slapd/saslauthz.c.
    - debian/patches/CVE-2019-13057-2.patch: add tests to
      tests/data/idassert.out, tests/data/slapd-idassert.conf,
      tests/data/test-idassert1.ldif, tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-3.patch: fix typo in
      tests/scripts/test028-idassert.
    - debian/patches/CVE-2019-13057-4.patch: fix typo in
      tests/scripts/test028-idassert.
    - CVE-2019-13057
  * SECURITY UPDATE: SASL SSF not initialized per connection
    - debian/patches/CVE-2019-13565.patch: zero out sasl_ssf in
      connection_init in servers/slapd/connection.c.
    - CVE-2019-13565

Date: Fri, 26 Jul 2019 13:21:00 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openldap/2.4.47+dfsg-3ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 26 Jul 2019 13:21:00 -0400
Source: openldap
Architecture: source
Version: 2.4.47+dfsg-3ubuntu3
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>
