Описание
Security update for openldap2
This update for openldap2 fixes the following issues:
- CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
compat-libldap-2_3-0-2.3.37-2.74.9.1
libldap-2_4-2-2.4.26-0.74.9.1
openldap2-2.4.26-0.74.9.1
openldap2-back-meta-2.4.26-0.74.9.1
openldap2-client-2.4.26-0.74.9.1
SUSE Linux Enterprise Server 11 SP4-LTSS
compat-libldap-2_3-0-2.3.37-2.74.9.1
libldap-2_4-2-2.4.26-0.74.9.1
libldap-2_4-2-32bit-2.4.26-0.74.9.1
openldap2-2.4.26-0.74.9.1
openldap2-back-meta-2.4.26-0.74.9.1
openldap2-client-2.4.26-0.74.9.1
SUSE Linux Enterprise Server 11-SECURITY
libldap-openssl1-2_4-2-2.4.26-0.74.9.1
libldap-openssl1-2_4-2-32bit-2.4.26-0.74.9.1
libldap-openssl1-2_4-2-x86-2.4.26-0.74.9.1
openldap2-client-openssl1-2.4.26-0.74.9.1
openldap2-openssl1-2.4.26-0.74.9.1
Ссылки
- Link for SUSE-SU-2020:14358-1
- E-Mail link for SUSE-SU-2020:14358-1
- SUSE Security Ratings
- SUSE Bug 1170771
- SUSE CVE CVE-2020-12243 page
Описание
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.9.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.9.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.9.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.9.1
Ссылки
- CVE-2020-12243
- SUSE Bug 1170771