Описание
Security update for openldap2
This update for openldap2 fixes the following issues:
- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
Список пакетов
SUSE Linux Enterprise Module for Legacy 12
compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
compat-libldap-2_3-0-2.3.37-18.24.26.1
Ссылки
- Link for SUSE-SU-2021:0142-1
- E-Mail link for SUSE-SU-2021:0142-1
- SUSE Security Ratings
- SUSE Bug 1178909
- SUSE CVE CVE-2020-25709 page
- SUSE CVE CVE-2020-25710 page
Описание
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
Затронутые продукты
SUSE Linux Enterprise Module for Legacy 12:compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:compat-libldap-2_3-0-2.3.37-18.24.26.1
Ссылки
- CVE-2020-25709
- SUSE Bug 1178909
Описание
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Затронутые продукты
SUSE Linux Enterprise Module for Legacy 12:compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3:compat-libldap-2_3-0-2.3.37-18.24.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4:compat-libldap-2_3-0-2.3.37-18.24.26.1
Ссылки
- CVE-2020-25710
- SUSE Bug 1178909