** Summary changed:
- [SRU] denial of service via an LDAP search query with attrsOnly set to true
(CVE-2012-1164)
+ [SRU] denial of service via an LDAP search query (CVE-2012-1164,
CVE-2013-4449, CVE-2015-1545)
--
You received this bug notification because you are a member of Ubuntu
Server Tea
ACK on the debdiffs, I've uploaded them for building. (I removed the
extra patch, and changed the pocket to -security).
What testing did you perform on these?
** Also affects: openldap (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: openldap (Ubuntu Utopic)
Import
Marc,
I tested these patches against two scenarios: 1) single node with
default configuration and phpldapadmin, 2) a two nodes scenario, 1 node
configures a relay and translucent proxy and connects to the second one
which has a default configuration. For details of each configuration
please see at
This bug was fixed in the package openldap - 2.4.31-1+nmu2ubuntu11.1
---
openldap (2.4.31-1+nmu2ubuntu11.1) utopic-security; urgency=medium
* SECURITY UPDATE: fix rwm overlay reference counting. (LP: #1446809)
- debian/patches/CVE-2013-4449.patch: fix reference counting
- CV
This bug was fixed in the package openldap - 2.4.31-1+nmu2ubuntu12.1
---
openldap (2.4.31-1+nmu2ubuntu12.1) vivid-security; urgency=medium
* SECURITY UPDATE: fix rwm overlay reference counting. (LP: #1446809)
- debian/patches/CVE-2013-4449.patch: fix reference counting
- CVE
This bug was fixed in the package openldap - 2.4.28-1.1ubuntu4.5
---
openldap (2.4.28-1.1ubuntu4.5) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via an LDAP search query
with attrsOnly set to true. (LP: #1446809)
- debian/patches/CVE-2012-1164.1.patc
This bug was fixed in the package openldap - 2.4.31-1+nmu2ubuntu8.1
---
openldap (2.4.31-1+nmu2ubuntu8.1) trusty-security; urgency=medium
* SECURITY UPDATE: fix rwm overlay reference counting. (LP: #1446809)
- debian/patches/CVE-2013-4449.patch: fix reference counting
- CVE-
** Changed in: openldap (Ubuntu Precise)
Assignee: (unassigned) => Felipe Reyes (freyes)
** Changed in: openldap (Ubuntu Trusty)
Assignee: (unassigned) => Felipe Reyes (freyes)
** Changed in: openldap (Ubuntu Utopic)
Assignee: (unassigned) => Felipe Reyes (freyes)
** Changed in: o