[Bug 1446809] Re: [SRU] denial of service via an LDAP search query (CVE-2012-1164, CVE-2013-4449, CVE-2015-1545)
Launchpad Bug Tracker
1446809 at bugs.launchpad.net
Tue May 26 17:29:28 UTC 2015
This bug was fixed in the package openldap - 2.4.31-1+nmu2ubuntu12.1
---------------
openldap (2.4.31-1+nmu2ubuntu12.1) vivid-security; urgency=medium
* SECURITY UPDATE: fix rwm overlay reference counting. (LP: #1446809)
- debian/patches/CVE-2013-4449.patch: fix reference counting
- CVE-2013-4449
* SECURITY UPDATE: fix NULL pointer dereference in deref_parseCtrl()
- debian/patches/CVE-2015-1545.patch: require non-empty AttributeList
- CVE-2015-1545
-- Felipe Reyes <felipe.reyes at canonical.com> Tue, 19 May 2015 12:58:25
-0300
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1446809
Title:
[SRU] denial of service via an LDAP search query (CVE-2012-1164,
CVE-2013-4449, CVE-2015-1545)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1446809/+subscriptions
More information about the Ubuntu-server-bugs
mailing list