[ubuntu/natty] openldap 2.4.23-6ubuntu6 (Accepted)

Jamie Strandboge jamie at ubuntu.com
Thu Apr 7 17:40:39 UTC 2011


openldap (2.4.23-6ubuntu6) natty; urgency=low

  * SECURITY UPDATE: fix successful anonymous bind via chain overlay when
    using forwarded authentication failures
    - debian/patches/CVE-2011-1024
    - CVE-2011-1024
  * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
    backend. Note: Ubuntu is not compiled with --enable-ndb by default
    - debian/patches/CVE-2011-1025
    - CVE-2011-1025
  * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
    and requestDN is empty
    - debian/patches/CVE-2011-1081
    - CVE-2011-1081
    - LP: #742104

Date: Thu, 07 Apr 2011 11:36:53 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/openldap/2.4.23-6ubuntu6
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 07 Apr 2011 11:36:53 -0500
Source: openldap
Binary: slapd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.23-6ubuntu6
Distribution: natty
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description: 
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
Launchpad-Bugs-Fixed: 742104
Changes: 
 openldap (2.4.23-6ubuntu6) natty; urgency=low
 .
   * SECURITY UPDATE: fix successful anonymous bind via chain overlay when
     using forwarded authentication failures
     - debian/patches/CVE-2011-1024
     - CVE-2011-1024
   * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
     backend. Note: Ubuntu is not compiled with --enable-ndb by default
     - debian/patches/CVE-2011-1025
     - CVE-2011-1025
   * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
     and requestDN is empty
     - debian/patches/CVE-2011-1081
     - CVE-2011-1081
     - LP: #742104
Checksums-Sha1: 
 a98bc66eb59da73639e3c3e7ed4fc939e00d9058 2620 openldap_2.4.23-6ubuntu6.dsc
 291ad3859e5f83e25fc4e6ec0e3bc7411d2695e7 169433 openldap_2.4.23-6ubuntu6.diff.gz
Checksums-Sha256: 
 6cc4d5f3e2c19cc97e848e430c720434068e900440775197f2bb246d5aefadf2 2620 openldap_2.4.23-6ubuntu6.dsc
 1f1f78824dedaa9ada19feecb1a55bddd6ffba4508d05ab8491442c33f9602d6 169433 openldap_2.4.23-6ubuntu6.diff.gz
Files: 
 c3c5f25da9011e9c9aa4005b2df44d44 2620 net optional openldap_2.4.23-6ubuntu6.dsc
 8b6d490c1719710eb69be593fd20c4ef 169433 net optional openldap_2.4.23-6ubuntu6.diff.gz
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBCgAGBQJNnfTuAAoJEFHb3FjMVZVz7f0P/0oVR/gzgmBOTZJ8sAM0Hgmq
R7S2HG1jvo05MZyd066CAobIzVXFLSuh+Ft6qhri6KlViGvsAjsbv+NNLlX9f7Ht
TvE91gwJQFDDd6fkTLhP197XFkWK3izWLB85XVEeK7vShQLu9Eu1dfP2k/IfTfbK
pAMAhMUW/Gzv281IwLRGSegUCxqYA7FuT6ZXiWmlKoVCWRVSGh18Fg5fkxeSNIpk
DtTWKh84K/YTsBCTa+WPD7s1RGDrYiYNXwYJ9sj6/dvpl0ZTdxIeCleIeW1jBwNt
doqDU6uxOukQy12IJdewjs7Ja2IPTaoDVXxszCALTb9nmC6906p9VFPSUX+isYiK
0zywkP67+jxXetDfH9RbR2U3ZAAXZn5ZkrmUIGicA3eWFjwvaQR/2X5nOPUQoYNr
dj1MsiGw3+xO85e50adAGVbj8HLkEJ7Dsxli107nxKJDql3T8vYXN+WMbGN0rOMQ
AcGmHWjpJhEPxzEmNex03GWzuN7TROnkFID132CV9hJI5U32jwk5M6AK6/Tsbpcy
app3OFYvXOWsv/5wboI9C9iGKp1gDB9FDgegKHTgYYIw9GUiixbMXtm0GLYKnSej
wYK9ljCoE1SZK/dVFZSe6tfyi6NeCO/bolkRI9oAXE8nYz1roUxCwkFEJa9zBodl
KTacE0RfaPRjPgEbmEQO
=/l3n
-----END PGP SIGNATURE-----


More information about the Natty-changes mailing list