[SECURITY] [DLA 1699-1] ldb security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1699-1] ldb security update
From: Adrian Bunk <bunk@debian.org>
Date: Fri, 1 Mar 2019 08:19:41 +0200
Message-id: <[🔎] 20190301061941.GA6773@localhost>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : ldb
Version        : 2:1.1.20-0+deb8u2
CVE ID         : CVE-2019-3824

Garming Sam reported an out-of-bounds read in the ldb_wildcard_compare()
function of ldb, a LDAP-like embedded database, resulting in denial of
service.

For Debian 8 "Jessie", this problem has been fixed in version
2:1.1.20-0+deb8u2.

We recommend that you upgrade your ldb packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAlx4zvoACgkQiNJCh6LY
mLGEvA/+PFRunD1LXsWr2oOlwR1cFJaDnUV1RkTVtHb1sYz/db1VqCkkROviNG/N
ku0eojBRj4hSsxnPeBLbbHhXa10FQWK/iBAN5io3PGJdbxn2Y6kR0XWFKHosCK6r
xrugEyvbqaq3rQjUzonLIDoG1JjItbQMs/m4Q1FUDZSjEv5/Hz+RbJwLaw7TLVzR
gr8sM8tbQ8hZDJmRyXHvpr2v61f+MmGD3k4f5PisVyD/4sg/5Ao46dJ/Y7wHzF2G
pg/bxY7Ly0LyQexSvwzxkODuoJdvk/iFRsVqgbhhGIffgbNvlcS2dUtL9j4R+W+r
YVv0XODG5t7GqU8wYdsMjcjCmdS6N+bMfplUd4GkbtD/jovbaq3wNHoWhy7A0pQb
sa5BjQWjs4C0DFqhYfDy9eXrvRVAflWgq1z7SYvUpHkgGoIgua+Tf+Pmtuwa1Bdx
OUPVNZa4Zrm3Op0GhIebLrj6L440maDPorEwP08GL4ZH5bNLmf3i6KqfIE19fxG+
tm9CjcXGkGmMI9HGiWnVySPvVRo6aqi2p166W2Yosb/fAxceOw0ippnip260Ek4U
8p2G43Ca4aOgWHNSx9DigW+NXjgq5FEzo8BQktENckKfuESE9Us4Rlnf3UK3EPK9
1BX6FH9X+n6NkdHBqiN9nFf4UEDsHcJMoytjbWsUHZ+9NUpcKdE=
=N2il
-----END PGP SIGNATURE-----

Reply to:

Next by Date: [SECURITY] [DLA 1700-1] uw-imap security update
Next by thread: [SECURITY] [DLA 1700-1] uw-imap security update
Index(es):
- Date
- Thread