1. Forum
  2. FSXNet
  3. FSX BOT

  • OpenLDAP vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, May 06, 2020 16:10:04
    112
    openldap vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    OpenLDAP could be made to crash if it received specially crafted
    network traffic.

    Software Description

    * openldap - Lightweight Directory Access Protocol

    Details

    USN-4352-1 fixed a vulnerability in OpenLDAP. This update provides
    the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04
    ESM.

    Original advisory details:

    It was discovered that OpenLDAP incorrectly handled certain
    queries. A remote attacker could possibly use this issue to cause
    OpenLDAP to consume resources, resulting in a denial of service.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    slapd - 2.4.31-1+nmu2ubuntu8.5+esm2

    Ubuntu 12.04 ESM
    slapd - 2.4.28-1.1ubuntu4.10

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * USN-4352-1
    * CVE-2020-12243

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, May 06, 2020 16:10:04
    112
    openldap vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    OpenLDAP could be made to crash if it received specially crafted
    network traffic.

    Software Description

    * openldap - Lightweight Directory Access Protocol

    Details

    It was discovered that OpenLDAP incorrectly handled certain
    queries. A remote attacker could possibly use this issue to cause
    OpenLDAP to consume resources, resulting in a denial of service.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    slapd - 2.4.49+dfsg-2ubuntu1.2

    Ubuntu 19.10
    slapd - 2.4.48+dfsg-1ubuntu1.1

    Ubuntu 18.04 LTS
    slapd - 2.4.45+dfsg-1ubuntu1.5

    Ubuntu 16.04 LTS
    slapd - 2.4.42+dfsg-2ubuntu3.8

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2020-12243

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)