Download
| Alert*
oval:org.secpod.oval:def:89000163
openldap2 is installed oval:org.secpod.oval:def:400697 openldap2 sub packages are installed oval:org.secpod.oval:def:89000379 This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND=quot;ldapquot; was used . - Changed DB_CONFIG to root:ldap permissions . oval:org.secpod.oval:def:89000529 This update for openldap2 fixes the following issues: - CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND=quot;ldapquot; was used . - Changed DB_CONFIG to root:ldap permissions . - Fixed an issue where slapd becomes unresponsive after many fai ... oval:org.secpod.oval:def:89002362 This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2017-17740: When both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service via a member MODDN oper ... oval:org.secpod.oval:def:89002999 This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters . oval:org.secpod.oval:def:89002946 This update for openldap2 fixes the following issues: - CVE-2020-12243: Fixed a denial of service related to recursive filters . oval:org.secpod.oval:def:3301186 SUSE Security Update: Security update for openldap2 oval:org.secpod.oval:def:89050490 This update for openldap2 fixes the following issues: - bsc#1174154 - CVE-2020-15719 - This resolves an issue with x509 SAN"s falling back to CN validation in violation of rfc6125. oval:org.secpod.oval:def:89000317 This update for openldap2 fixes the following issues: - CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp . oval:org.secpod.oval:def:89050413 This update for openldap2 fixes the following issues: - CVE-2020-8027: openldap_update_modules_path.sh starts daemons unconditionally and uses fixed paths in /tmp . oval:org.secpod.oval:def:89047624 This update for openldap2 fixes the following issues: - CVE-2022-29155: Fixed SQL injection in back-sql . oval:org.secpod.oval:def:89045185 This update fixes the following security issue: - CVE-2015-6908. Passing a crafted packet to the function ber_get_next, an attacker may cause a remote denial of service, crashing the OpenLDAP server . oval:org.secpod.oval:def:89000162 This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules . oval:org.secpod.oval:def:89000403 This update for openldap2 fixes the following issues: - CVE-2020-25692: Fixed an unauthenticated remote denial of service due to incorrect validation of modrdn equality rules . oval:org.secpod.oval:def:89047149 This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, result ... oval:org.secpod.oval:def:89050741 This update for openldap2 fixes the following issues: Security issue fixed: - CVE-2019-13565: Fixed an authentication bypass when using SASL authentication and session encryption . - CVE-2019-13057: Fixed an issue with delegated database admin privileges . - CVE-2017-17740: When both the nops module ... oval:org.secpod.oval:def:89003110 This update for openldap2 fixes the following issues: Security issues fixed: - CVE-2019-13565: Fixed ssf memory reuse that leads to incorrect authorization of another connection, granting excess connection rights . - CVE-2019-13057: Fixed rootDN of a backend that may proxyauth incorrectly to anothe ... oval:org.secpod.oval:def:400696 This update fixes the following security issues: - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service via crafted BER data, as demonstrated by an attack against slapd. - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. It also fixes the follow ... oval:org.secpod.oval:def:89048948 This update for openldap2 fixes the following issues: * CVE-2023-2953: Fixed null pointer deref in ber_memalloc_x . oval:org.secpod.oval:def:89048950 This update for openldap2 fixes the following issues: * CVE-2023-2953: Fixed null pointer deref in ber_memalloc_x . |