Описание
Security update for openldap2
This update for openldap2 fixes the following issues:
- CVE-2020-12243: Fixed a denial of service related to recursive filters (bsc#1170771).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
libldap-2_4-2-2.4.46-lp151.10.9.1
libldap-2_4-2-32bit-2.4.46-lp151.10.9.1
libldap-data-2.4.46-lp151.10.9.1
openldap2-2.4.46-lp151.10.9.1
openldap2-back-meta-2.4.46-lp151.10.9.1
openldap2-back-perl-2.4.46-lp151.10.9.1
openldap2-back-sock-2.4.46-lp151.10.9.1
openldap2-back-sql-2.4.46-lp151.10.9.1
openldap2-client-2.4.46-lp151.10.9.1
openldap2-contrib-2.4.46-lp151.10.9.1
openldap2-devel-2.4.46-lp151.10.9.1
openldap2-devel-32bit-2.4.46-lp151.10.9.1
openldap2-devel-static-2.4.46-lp151.10.9.1
openldap2-doc-2.4.46-lp151.10.9.1
openldap2-ppolicy-check-password-1.2-lp151.10.9.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0647-1
- SUSE Security Ratings
- SUSE Bug 1170771
- SUSE CVE CVE-2020-12243 page
Описание
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).
Затронутые продукты
openSUSE Leap 15.1:libldap-2_4-2-2.4.46-lp151.10.9.1
openSUSE Leap 15.1:libldap-2_4-2-32bit-2.4.46-lp151.10.9.1
openSUSE Leap 15.1:libldap-data-2.4.46-lp151.10.9.1
openSUSE Leap 15.1:openldap2-2.4.46-lp151.10.9.1
Ссылки
- CVE-2020-12243
- SUSE Bug 1170771