[ubuntu/lucid-security] openldap_2.4.21-0ubuntu5.2_sparc_translations.tar.gz (delayed), openldap_2.4.21-0ubuntu5.2_i386_translations.tar.gz, openldap_2.4.21-0ubuntu5.2_ia64_translations.tar.gz, openldap_2.4.21-0ubuntu5.2_powerpc_translations.tar.gz, openldap, openldap_2.4.21-0ubuntu5.2_armel_translations.tar.gz, openldap_2.4.21-0ubuntu5.2_amd64_translations.tar.gz 2.4.21-0ubuntu5.2 (Accepted)

Ubuntu Installer archive at ubuntu.com
Mon Aug 9 23:05:04 BST 2010 

openldap (2.4.21-0ubuntu5.2) lucid-security; urgency=low

  * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
    - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
      - check return for errors and clean up uninitialized data
    - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
      - return error on 0-length or binary RDNs
    - CVE-2010-0211, CVE-2010-0212

Date: Wed, 28 Jul 2010 16:36:36 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/openldap/2.4.21-0ubuntu5.2
-------------- next part --------------
Format: 1.8
Date: Wed, 28 Jul 2010 16:36:36 -0700
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.21-0ubuntu5.2
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
Changes: 
 openldap (2.4.21-0ubuntu5.2) lucid-security; urgency=low
 .
   * SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
     - openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
       - check return for errors and clean up uninitialized data
     - openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
       - return error on 0-length or binary RDNs
     - CVE-2010-0211, CVE-2010-0212
Checksums-Sha1: 
 21ea7551f487abb1fe4682fb4b3edaf50f4a3a63 2604 openldap_2.4.21-0ubuntu5.2.dsc
 7c7bd40153fb4ce67552d7cf672f254c6d26189d 152344 openldap_2.4.21-0ubuntu5.2.diff.gz
Checksums-Sha256: 
 1a133026c73e45a2ceabd8c8b53aaece1ca6ecf2b550d84ec530cdca0f17362c 2604 openldap_2.4.21-0ubuntu5.2.dsc
 c600611e44e02e2dc8e3f95299d363dffefcea887c59479beb8fda2e7fe859bd 152344 openldap_2.4.21-0ubuntu5.2.diff.gz
Files: 
 3949eaa661a5ba73feab675ebc248942 2604 net optional openldap_2.4.21-0ubuntu5.2.dsc
 035da3250be5687c5f21c8869a7ad9e3 152344 net optional openldap_2.4.21-0ubuntu5.2.diff.gz
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>

More information about the Lucid-changes mailing list