Описание
Security update for openldap2
This update for openldap2 fixes the following issues:
- CVE-2020-25709: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
- CVE-2020-25710: Fixed a crash caused by specially crafted network traffic (bsc#1178909).
Список пакетов
SUSE Linux Enterprise Server 11-SECURITY
libldap-openssl1-2_4-2-2.4.26-0.74.19.1
libldap-openssl1-2_4-2-32bit-2.4.26-0.74.19.1
libldap-openssl1-2_4-2-x86-2.4.26-0.74.19.1
openldap2-client-openssl1-2.4.26-0.74.19.1
openldap2-openssl1-2.4.26-0.74.19.1
Ссылки
- Link for SUSE-SU-2021:14597-1
- E-Mail link for SUSE-SU-2021:14597-1
- SUSE Security Ratings
- SUSE Bug 1178909
- SUSE CVE CVE-2020-25709 page
- SUSE CVE CVE-2020-25710 page
Описание
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP's slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
Затронутые продукты
SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-2.4.26-0.74.19.1
SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-32bit-2.4.26-0.74.19.1
SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-x86-2.4.26-0.74.19.1
SUSE Linux Enterprise Server 11-SECURITY:openldap2-client-openssl1-2.4.26-0.74.19.1
Ссылки
- CVE-2020-25709
- SUSE Bug 1178909
Описание
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
Затронутые продукты
SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-2.4.26-0.74.19.1
SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-32bit-2.4.26-0.74.19.1
SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-x86-2.4.26-0.74.19.1
SUSE Linux Enterprise Server 11-SECURITY:openldap2-client-openssl1-2.4.26-0.74.19.1
Ссылки
- CVE-2020-25710
- SUSE Bug 1178909