[ubuntu/karmic-security] openldap_2.4.18-0ubuntu1.1_lpia_translations.tar.gz, openldap_2.4.18-0ubuntu1.1_amd64_translations.tar.gz, openldap_2.4.18-0ubuntu1.1_powerpc_translations.tar.gz, openldap_2.4.18-0ubuntu1.1_sparc_translations.tar.gz (delayed), openldap_2.4.18-0ubuntu1.1_ia64_translations.tar.gz, openldap_2.4.18-0ubuntu1.1_armel_translations.tar.gz, openldap, openldap_2.4.18-0ubuntu1.1_i386_translations.tar.gz 2.4.18-0ubuntu1.1 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Aug 9 23:05:15 BST 2010


openldap (2.4.18-0ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
    - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
      - check return for errors and clean up uninitialized data
    - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
      - return error on 0-length or binary RDNs
    - CVE-2010-0211, CVE-2010-0212

Date: Wed, 28 Jul 2010 22:57:05 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/openldap/2.4.18-0ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Wed, 28 Jul 2010 22:57:05 -0700
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.18-0ubuntu1.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
Changes: 
 openldap (2.4.18-0ubuntu1.1) karmic-security; urgency=low
 .
   * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
     - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
       - check return for errors and clean up uninitialized data
     - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
       - return error on 0-length or binary RDNs
     - CVE-2010-0211, CVE-2010-0212
Checksums-Sha1: 
 66a973fcaf0c6ee6158349c820d0f59600b4e208 2591 openldap_2.4.18-0ubuntu1.1.dsc
 c397db81e335441c156ed750e0c3312345089775 148923 openldap_2.4.18-0ubuntu1.1.diff.gz
Checksums-Sha256: 
 7ee8cc4a2e274dd9f44addb643c5df347014361cc8da177ac67892fa050a6fb2 2591 openldap_2.4.18-0ubuntu1.1.dsc
 3ebdc123486193397aa7c33a3bf4bc8561619599b57db437d527c92913f94213 148923 openldap_2.4.18-0ubuntu1.1.diff.gz
Files: 
 9a1e0a051a099878f29fab06a8790a89 2591 net optional openldap_2.4.18-0ubuntu1.1.dsc
 a3497f1f2fbca7df47ca8e58a49d10b0 148923 net optional openldap_2.4.18-0ubuntu1.1.diff.gz
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>


More information about the Karmic-changes mailing list