Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2021:14700-1

Опубликовано: 16 апр. 2021
Источник: suse-cvrf

Описание

Security update for openldap2

This update for openldap2 fixes the following issues:

  • bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
  • bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
  • bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service.
  • bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
  • bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
  • bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
  • bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
  • bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
  • bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
  • bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
  • bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.
  • resynchronise changelogs with subpackages (bsc#1184020).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
compat-libldap-2_3-0-2.3.37-2.74.26.1
libldap-2_4-2-2.4.26-0.74.26.1
openldap2-2.4.26-0.74.26.1
openldap2-back-meta-2.4.26-0.74.26.1
openldap2-client-2.4.26-0.74.26.1
SUSE Linux Enterprise Server 11 SP4-LTSS
compat-libldap-2_3-0-2.3.37-2.74.26.1
libldap-2_4-2-2.4.26-0.74.26.1
libldap-2_4-2-32bit-2.4.26-0.74.26.1
openldap2-2.4.26-0.74.26.1
openldap2-back-meta-2.4.26-0.74.26.1
openldap2-client-2.4.26-0.74.26.1
SUSE Linux Enterprise Server 11-SECURITY
libldap-openssl1-2_4-2-2.4.26-0.74.26.1
libldap-openssl1-2_4-2-32bit-2.4.26-0.74.26.1
libldap-openssl1-2_4-2-x86-2.4.26-0.74.26.1
openldap2-client-openssl1-2.4.26-0.74.26.1
openldap2-openssl1-2.4.26-0.74.26.1

Ссылки

Описание

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки

Описание

In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:compat-libldap-2_3-0-2.3.37-2.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:libldap-2_4-2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-2.4.26-0.74.26.1
SUSE Linux Enterprise Point of Sale 11 SP3:openldap2-back-meta-2.4.26-0.74.26.1
Ссылки
Уязвимость SUSE-SU-2021:14700-1