[SECURITY] [DLA 309-1] openldap security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 309-1] openldap security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Mon, 14 Sep 2015 22:28:48 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1509142225280.15432@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : openldap
Version        : 2.4.23-7.3+deb6u2
CVE ID         : CVE-2015-6908
Debian Bug     : 798622

Denis Andzakovic discovered that OpenLDAP, a free implementation of the
Lightweight Directory Access Protocol, does not properly handle BER
data. An unauthenticated remote attacker can use this flaw to cause a
denial of service (slapd daemon crash) via a specially crafted packet.

The Squeeze-LTS package has been prepared by Ryan Tandy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJV9y4AXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHayEQAIf4JunhEb5mGmUo8sSMkG9I
xdRjk4+RJyGd7/V7nDJXJZITVJIX301isGOPHOmmKZOXBBlWm5+6UxzxvuMp83Kd
j28s/gRQBp7Gx2e5Ue5wYl/88EvKacs2i4LyQulTd2PhQWZc2gvQ86C+B/EsUBdy
fO6PKOHswjqg/uE1ivEwVcR/AHBKqAg+eHDuEYmqF5R1QVzt6mMTXNU/N/iYktoI
rnmmUqiOqb3wImaCCGl1BL/qV7o4Ou89pnNj5nRM2bm0L9xaVK9qFxvXCP9EuWm2
832otgFv0obTfid0Sikoe6NP3p6JVfjnDLN4LERpNB1oWH8a+dlZdygzsvIefctz
bXVKNEPPCnweGKQcPVBdSLut3EocTBm/ryS2KIMEw54onwAfDcnCGKp0R0Er71z6
qqTABUwuGR5x9Yq7m3opzNgtBoSJYX4cPQiZ7Vmfta7GlnjL4Cjwk+EtBiohsTLG
aY2p839nROg+EgaTPLy/F8qAT5F1Lr/EJVslAecTtlNWvMOED3t2jrF64tyNKqIC
Z/w1hGr6+G/wB9KkFtNBXaCJncpsPlqA+X/yLxN203DXffZfEs0Yt8Vnxhi5TWAK
CsaWvQ3DsxSYwczAhrgRAxFhTp+1GQ3VayA1bxM7zuw0X9sQbrg5cx/r4EGixTBZ
V52qiiFu5iuiwSKGZ79Y
=DYJ/
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 306-1] libvdpau security update
Next by Date: [SECURITY] [DLA 311-1] rpcbind security update
Previous by thread: [SECURITY] [DLA 306-1] libvdpau security update
Next by thread: [SECURITY] [DLA 311-1] rpcbind security update
Index(es):
- Date
- Thread