[ubuntu/jaunty-security] openldap_2.4.15-1ubuntu3.1_ia64_translations.tar.gz, openldap_2.4.15-1ubuntu3.1_armel_translations.tar.gz, openldap_2.4.15-1ubuntu3.1_powerpc_translations.tar.gz, openldap_2.4.15-1ubuntu3.1_lpia_translations.tar.gz, openldap_2.4.15-1ubuntu3.1_sparc_translations.tar.gz (delayed), openldap, openldap_2.4.15-1ubuntu3.1_hppa_translations.tar.gz, openldap_2.4.15-1ubuntu3.1_i386_translations.tar.gz, openldap_2.4.15-1ubuntu3.1_amd64_translations.tar.gz 2.4.15-1ubuntu3.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Aug 9 23:05:38 BST 2010


openldap (2.4.15-1ubuntu3.1) jaunty-security; urgency=low

  * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
    - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
      - check return for errors and clean up uninitialized data
    - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
      - return error on 0-length or binary RDNs
    - CVE-2010-0211, CVE-2010-0212

Date: Wed, 28 Jul 2010 23:28:31 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/jaunty/+source/openldap/2.4.15-1ubuntu3.1
-------------- next part --------------
Format: 1.8
Date: Wed, 28 Jul 2010 23:28:31 -0700
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.15-1ubuntu3.1
Distribution: jaunty-security
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
Changes: 
 openldap (2.4.15-1ubuntu3.1) jaunty-security; urgency=low
 .
   * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
     - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
       - check return for errors and clean up uninitialized data
     - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
       - return error on 0-length or binary RDNs
     - CVE-2010-0211, CVE-2010-0212
Checksums-Sha1: 
 1dcf1b0ef50bb6fef253d0a1971c79299c9fcb3b 2580 openldap_2.4.15-1ubuntu3.1.dsc
 680bc4abad934d68a635012940a57d4e9de5802f 154255 openldap_2.4.15-1ubuntu3.1.diff.gz
Checksums-Sha256: 
 c58f0388df64a25091f0e913def3854545b63ea190b1eb160637a5240f24a931 2580 openldap_2.4.15-1ubuntu3.1.dsc
 fea22bd34c67c3b9c5638a5395ad85fa2e669238213096771a6c2f74be7d995c 154255 openldap_2.4.15-1ubuntu3.1.diff.gz
Files: 
 8e2ce6601731777b20e90b4844f5763f 2580 net optional openldap_2.4.15-1ubuntu3.1.dsc
 d445dd331a3618538a5b62b9162fe8c1 154255 net optional openldap_2.4.15-1ubuntu3.1.diff.gz
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>


More information about the Jaunty-changes mailing list