Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
patchinfo.18481
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.18481
<patchinfo incident="18481"> <issue tracker="bnc" id="1182413">VUL-0: CVE-2020-36227: openldap2: Infinite loop in slapd with the cancel_extop Cancel operation</issue> <issue tracker="bnc" id="1182416">VUL-0: CVE-2020-36225: openldap2: Double free in the saslAuthzTo processing</issue> <issue tracker="bnc" id="1182419">VUL-0: CVE-2020-36222: openldap2: Assertion failure in slapd in the saslAuthzTo validation</issue> <issue tracker="bnc" id="1182415">VUL-0: CVE-2020-36226: openldap2: Denial of service via length miscalculation in slap_parse_user</issue> <issue tracker="bnc" id="1182418">VUL-0: CVE-2020-36223: openldap2: Out-of-bounds read in Values Return Filter</issue> <issue tracker="bnc" id="1182420">VUL-0: CVE-2020-36221: openldap2: Integer underflow in serialNumberAndIssuerCheck in schema_init.c</issue> <issue tracker="bnc" id="1182417">VUL-0: CVE-2020-36224: openldap2: Invalid pointer free in the saslAuthzTo processing</issue> <issue tracker="bnc" id="1182412">VUL-0: CVE-2020-36228: openldap2: Integer underflow in issuerAndThisUpdateCheck in schema_init.c</issue> <issue tracker="bnc" id="1182279">VUL-0: CVE-2021-27212: openldap2,openldap2-client,openldap2-client-openssl1: A malicious packet can force OpenLDAP to fail an assertion and crash</issue> <issue tracker="bnc" id="1182408">VUL-0: CVE-2020-36230: openldap2: Assertion failure in ber_next_element in decode.c</issue> <issue tracker="bnc" id="1182411">VUL-0: CVE-2020-36229: openldap2: Type confusion in ad_keystring in ad.c</issue> <issue tracker="cve" id="2021-27212"/> <issue tracker="cve" id="2020-36229"/> <issue tracker="cve" id="2020-36228"/> <issue tracker="cve" id="2020-36226"/> <issue tracker="cve" id="2020-36222"/> <issue tracker="cve" id="2020-36221"/> <issue tracker="cve" id="2020-36224"/> <issue tracker="cve" id="2020-36223"/> <issue tracker="cve" id="2020-36227"/> <issue tracker="cve" id="2020-36225"/> <issue tracker="cve" id="2020-36230"/> <packager>firstyear</packager> <rating>important</rating> <category>security</category> <summary>Security update for openldap2</summary> <description>This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor