[ubuntu/groovy-proposed] openldap 2.4.49+dfsg-2ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed May 6 12:36:13 UTC 2020
openldap (2.4.49+dfsg-2ubuntu2) groovy; urgency=medium
* SECURITY UPDATE: denial of service via nested search filters
- debian/patches/CVE-2020-12243.patch: limit depth of nested filters in
servers/slapd/filter.c.
- debian/patches/fix_test_timing.patch: fix FTBFS on riscv64 because of
test timing issue.
- CVE-2020-12243
Date: Fri, 01 May 2020 13:09:12 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/openldap/2.4.49+dfsg-2ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 01 May 2020 13:09:12 -0400
Source: openldap
Architecture: source
Version: 2.4.49+dfsg-2ubuntu2
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
openldap (2.4.49+dfsg-2ubuntu2) groovy; urgency=medium
.
* SECURITY UPDATE: denial of service via nested search filters
- debian/patches/CVE-2020-12243.patch: limit depth of nested filters in
servers/slapd/filter.c.
- debian/patches/fix_test_timing.patch: fix FTBFS on riscv64 because of
test timing issue.
- CVE-2020-12243
Checksums-Sha1:
901931558a778a217837b6b92012347212442747 3128 openldap_2.4.49+dfsg-2ubuntu2.dsc
65599b0b90aa9d75ed4a1713f70771614e03ad4d 181980 openldap_2.4.49+dfsg-2ubuntu2.debian.tar.xz
f2aa4fa68d1d02414d9e9c03bdd11788b0d066af 8428 openldap_2.4.49+dfsg-2ubuntu2_source.buildinfo
Checksums-Sha256:
9b626cfd44cae61d7ee99fedc1525c413a4f7a4b1a33b3473c137a75beb4e429 3128 openldap_2.4.49+dfsg-2ubuntu2.dsc
f47e26e68a1a6cd868ce652949454a6ad7e83b7de7452fcda51d65359044329b 181980 openldap_2.4.49+dfsg-2ubuntu2.debian.tar.xz
be8a8a325fc332547755aef692954839f29d17712c336420ed7e21cff5a28c6e 8428 openldap_2.4.49+dfsg-2ubuntu2_source.buildinfo
Files:
fcf919421cdeecf52bf5311f962314e5 3128 net optional openldap_2.4.49+dfsg-2ubuntu2.dsc
6f9f35a19efeceda1bf68ed0f08dae97 181980 net optional openldap_2.4.49+dfsg-2ubuntu2.debian.tar.xz
5e3f15ec32ea7f7d37ddccaaf87e9278 8428 net optional openldap_2.4.49+dfsg-2ubuntu2_source.buildinfo
Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl6yrZYACgkQZWnYVadE
vpMLrg//Sv3qpjk9AE56tT/M4bng8isP3rHWnu+ipW5bh7C0vhcud0k5ASTbQ0MS
pGJIvdOyyoW0mv2N8dJ5NM18b3BPhByCdVALGZxbv0PEykrV91Sylki4f34/OWeQ
5QXX+zmtdPhUGZ8le0K8CfEn1DPUyCixyIojHeJ6jQXGQhchE3pdmzO/r10aCWXc
WeXpAKPUs3/2i9HU+CgX642QMwiNBILaewFd4MtZkXgp3bUbjyn3mWOtt6uMYb+s
adCfrjD46RWbkjwdBI/BWEe7UyeTe8iLI/GwjfwB4pCQXjZBPgGQS08003soOQ4J
V4Sj454RfgmniLOG24a8sJoeohvmscr0eUqQPnI5/K6oumo3wSIumzZ7r2rMJWRE
qsc7SwINougpgB/5a5ypFVEln7zzysLuDJmjUxs85vU9twPuwRbiCPnoddTGoQom
1hXZ63t+V636MZIiTLGnOXp0/tWc1tV84EkWZYtFvcGE+9JTlFVg6I7u849+82WR
jhWC2u14mbx7EHXV/cvcrOEPeTG2/DGFsBQlTvg88Jic3imTaxZP0wVm89rtzpP5
Lw0Jp9vePaZHZbnVwGWWucEYbaM5UBwgSbOiGFtsbbXaGKW/aS2oIW86TUWs6uJc
a6aeT9LKO8W2ZRKyizkN3nRruvLsfpf/X0uBk7OO7gBuWTWN0lU=
=u5/5
-----END PGP SIGNATURE-----
More information about the Groovy-changes
mailing list