Nom du paquet
openldap
Date
2007-11-08
Advisory ID
MDKSA-2007:215
Affected versions
2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2007.1 x86_64

Problem description

A flaw in the way OpenLDAP's slapd daemon handled malformed
objectClasses LDAP attributes was discovered. A local or remote
attacker could create an LDAP request that could cause a denial of
service by crashing slapd.

Updated packages have been patched to prevent this issue.

Updated packages

2007.0 x86_64

 d8a439e437a439350da6b65584caddc6  2007.0/x86_64/lib64ldap2.3_0-2.3.27-2.1mdv2007.0.x86_64.rpm
 bef35c75c2b93fec631eec753b5d5077  2007.0/x86_64/lib64ldap2.3_0-devel-2.3.27-2.1mdv2007.0.x86_64.rpm
 295144808211b11b2d15b95b70530c83  2007.0/x86_64/lib64ldap2.3_0-static-devel-2.3.27-2.1mdv2007.0.x86_64.rpm
 60f883fc552b7c721c62fb4375cfa424  2007.0/x86_64/openldap-2.3.27-2.1mdv2007.0.x86_64.rpm
 313cf766d90eccb323567a6b04068b5f  2007.0/x86_64/openldap-clients-2.3.27-2.1mdv2007.0.x86_64.rpm
 5ef7bd9c107e123c7dca5362c79139e1  2007.0/x86_64/openldap-doc-2.3.27-2.1mdv2007.0.x86_64.rpm
 d63cb5025784abfaea4a0cbd22886ae1  2007.0/x86_64/openldap-servers-2.3.27-2.1mdv2007.0.x86_64.rpm 
 86b5713488b4f7e75d8b8bd7b27e196a  2007.0/SRPMS/openldap-2.3.27-2.1mdv2007.0.src.rpm

2007.1 i586

 4eb932863d525cfe8373e7a1ff7b2f61  2007.1/i586/libldap2.3_0-2.3.34-5.1mdv2007.1.i586.rpm
 729ab87fdcc53ba6b8a57f59c8ec13b6  2007.1/i586/libldap2.3_0-devel-2.3.34-5.1mdv2007.1.i586.rpm
 b126cb0874c37daece7da3079204c0dd  2007.1/i586/libldap2.3_0-static-devel-2.3.34-5.1mdv2007.1.i586.rpm
 d98e583a89ce91248d4f39e63f74657d  2007.1/i586/openldap-2.3.34-5.1mdv2007.1.i586.rpm
 11edea4916bae05f986cdb072d869a62  2007.1/i586/openldap-clients-2.3.34-5.1mdv2007.1.i586.rpm
 97117ab361fdf1a9f51261d51c58f55b  2007.1/i586/openldap-doc-2.3.34-5.1mdv2007.1.i586.rpm
 04634dc3afa3c82046eb947433657da9  2007.1/i586/openldap-servers-2.3.34-5.1mdv2007.1.i586.rpm
 3fb25795eccc8cb878b79e79ba7ea8c2  2007.1/i586/openldap-testprogs-2.3.34-5.1mdv2007.1.i586.rpm
 698093af72677ba3128bd8e5fcfb9797  2007.1/i586/openldap-tests-2.3.34-5.1mdv2007.1.i586.rpm 
 731ba86f6727fba78dbdf2a2d4db94e8  2007.1/SRPMS/openldap-2.3.34-5.1mdv2007.1.src.rpm

2007.0 i586

 990b5aeb43c3ea1dd23420461fe94ab7  2007.0/i586/libldap2.3_0-2.3.27-2.1mdv2007.0.i586.rpm
 3e5b2fbecdfa897d3a74766a351e7286  2007.0/i586/libldap2.3_0-devel-2.3.27-2.1mdv2007.0.i586.rpm
 7176847954932e5ecb4d6d18a1d9c042  2007.0/i586/libldap2.3_0-static-devel-2.3.27-2.1mdv2007.0.i586.rpm
 10f8498a321119191000744b02d18887  2007.0/i586/openldap-2.3.27-2.1mdv2007.0.i586.rpm
 4cfdea3452a7e090f8e66557651ff59b  2007.0/i586/openldap-clients-2.3.27-2.1mdv2007.0.i586.rpm
 dfb71eaff593062b8282e38487e06aca  2007.0/i586/openldap-doc-2.3.27-2.1mdv2007.0.i586.rpm
 0b588b4912175400326652048b9a36d1  2007.0/i586/openldap-servers-2.3.27-2.1mdv2007.0.i586.rpm 
 86b5713488b4f7e75d8b8bd7b27e196a  2007.0/SRPMS/openldap-2.3.27-2.1mdv2007.0.src.rpm

CS4.0 i586

 cf74ff35e45729f5841351f2876bc060  corporate/4.0/i586/libldap2.3_0-2.3.27-1.3.20060mlcs4.i586.rpm
 c637c2433d50e7ce06d5ce75c0e66e76  corporate/4.0/i586/libldap2.3_0-devel-2.3.27-1.3.20060mlcs4.i586.rpm
 91f637ffdd60c7eaf6cac6276b6d9222  corporate/4.0/i586/libldap2.3_0-static-devel-2.3.27-1.3.20060mlcs4.i586.rpm
 f9a692121f89f1b8cfedd09bcb2ba826  corporate/4.0/i586/openldap-2.3.27-1.3.20060mlcs4.i586.rpm
 8f82f25657e30d3fe0cc2e6c43b1a554  corporate/4.0/i586/openldap-clients-2.3.27-1.3.20060mlcs4.i586.rpm
 c8d6eedb16cb9bed5e5f7ec54736cac3  corporate/4.0/i586/openldap-doc-2.3.27-1.3.20060mlcs4.i586.rpm
 49453a80d1a9b4daf55aaa04ed2e22e2  corporate/4.0/i586/openldap-servers-2.3.27-1.3.20060mlcs4.i586.rpm 
 14cf9599f47960f3e4746e9a2c3a08fa  corporate/4.0/SRPMS/openldap-2.3.27-1.3.20060mlcs4.src.rpm

2008.0 x86_64

 b46e3c386708d787222626f2f5fbc5dc  2008.0/x86_64/lib64ldap2.3_0-2.3.38-3.1mdv2008.0.x86_64.rpm
 b86b907bfdb5f3c0b27784c0866fa138  2008.0/x86_64/lib64ldap2.3_0-devel-2.3.38-3.1mdv2008.0.x86_64.rpm
 cea3279b4b7125f91a5e7858eafb41d4  2008.0/x86_64/lib64ldap2.3_0-static-devel-2.3.38-3.1mdv2008.0.x86_64.rpm
 a77426dd17937c41f5a07d798280a65d  2008.0/x86_64/openldap-2.3.38-3.1mdv2008.0.x86_64.rpm
 62e1af8046e1d8c5e370e12616ca0067  2008.0/x86_64/openldap-clients-2.3.38-3.1mdv2008.0.x86_64.rpm
 66925a2a912aff397f8d23e53c00d38a  2008.0/x86_64/openldap-doc-2.3.38-3.1mdv2008.0.x86_64.rpm
 4ea64bf15e0f58d14685495a15d12cfe  2008.0/x86_64/openldap-servers-2.3.38-3.1mdv2008.0.x86_64.rpm
 8fc77afac4f74b247e5dabcfcc5cea30  2008.0/x86_64/openldap-testprogs-2.3.38-3.1mdv2008.0.x86_64.rpm
 d6a9a8b7d9cc7a950283676a8660da7d  2008.0/x86_64/openldap-tests-2.3.38-3.1mdv2008.0.x86_64.rpm 
 3ac07bb280afa2b9f74fbbaa3f4d25dd  2008.0/SRPMS/openldap-2.3.38-3.1mdv2008.0.src.rpm

CS4.0 x86_64

 b0e3d280a508277c687cc263cf4d855f  corporate/4.0/x86_64/lib64ldap2.3_0-2.3.27-1.3.20060mlcs4.x86_64.rpm
 5a8f28372fb919782b1d88873cd3df95  corporate/4.0/x86_64/lib64ldap2.3_0-devel-2.3.27-1.3.20060mlcs4.x86_64.rpm
 68f0b5b39cfda0c73d119ca23568f126  corporate/4.0/x86_64/lib64ldap2.3_0-static-devel-2.3.27-1.3.20060mlcs4.x86_64.rpm
 78cb5b44f186e888f16a285ea1cf2652  corporate/4.0/x86_64/openldap-2.3.27-1.3.20060mlcs4.x86_64.rpm
 949ad44ec9dca6bb5674c94268375f5f  corporate/4.0/x86_64/openldap-clients-2.3.27-1.3.20060mlcs4.x86_64.rpm
 f30129d801f09dc718afc3adf8c0f844  corporate/4.0/x86_64/openldap-doc-2.3.27-1.3.20060mlcs4.x86_64.rpm
 8ab38aeaf800a5aeb8716a6b8ad33cfa  corporate/4.0/x86_64/openldap-servers-2.3.27-1.3.20060mlcs4.x86_64.rpm 
 14cf9599f47960f3e4746e9a2c3a08fa  corporate/4.0/SRPMS/openldap-2.3.27-1.3.20060mlcs4.src.rpm

2008.0 i586

 e5df28e9704d3b5e115695cb7af2d18b  2008.0/i586/libldap2.3_0-2.3.38-3.1mdv2008.0.i586.rpm
 62eeb6293a57adad633e2135ab8a497b  2008.0/i586/libldap2.3_0-devel-2.3.38-3.1mdv2008.0.i586.rpm
 cb276f257e6ba73d1c252eb645903b40  2008.0/i586/libldap2.3_0-static-devel-2.3.38-3.1mdv2008.0.i586.rpm
 4e1c9d488e0cc6779713dc09564e8bf9  2008.0/i586/openldap-2.3.38-3.1mdv2008.0.i586.rpm
 be6e42008448d22bc0fe39cba2633df6  2008.0/i586/openldap-clients-2.3.38-3.1mdv2008.0.i586.rpm
 7ff11984059160f386a2d237670da66b  2008.0/i586/openldap-doc-2.3.38-3.1mdv2008.0.i586.rpm
 0d52a73bb95045876d9aabcf76bd44a9  2008.0/i586/openldap-servers-2.3.38-3.1mdv2008.0.i586.rpm
 c1e7fb4f4671f9a2e4d31f383f75a2dc  2008.0/i586/openldap-testprogs-2.3.38-3.1mdv2008.0.i586.rpm
 8ce02cb4e9948a7f238d6e1d1edea3e9  2008.0/i586/openldap-tests-2.3.38-3.1mdv2008.0.i586.rpm 
 3ac07bb280afa2b9f74fbbaa3f4d25dd  2008.0/SRPMS/openldap-2.3.38-3.1mdv2008.0.src.rpm

2007.1 x86_64

 bd9e124e1ed617f684d7d5599309e9a3  2007.1/x86_64/lib64ldap2.3_0-2.3.34-5.1mdv2007.1.x86_64.rpm
 aae65537b8b55b875bc65e16b521bd25  2007.1/x86_64/lib64ldap2.3_0-devel-2.3.34-5.1mdv2007.1.x86_64.rpm
 9d648a94d5f0229a57fd5941fcc55320  2007.1/x86_64/lib64ldap2.3_0-static-devel-2.3.34-5.1mdv2007.1.x86_64.rpm
 e1d8dc7ae1004ce96c6b1e0dad2a72ad  2007.1/x86_64/openldap-2.3.34-5.1mdv2007.1.x86_64.rpm
 245ce697df60a8dc820c449b3e72c031  2007.1/x86_64/openldap-clients-2.3.34-5.1mdv2007.1.x86_64.rpm
 b30b748d9e820be6aea2146883ef8551  2007.1/x86_64/openldap-doc-2.3.34-5.1mdv2007.1.x86_64.rpm
 b678945ab5688d3361a5791ca6b3d926  2007.1/x86_64/openldap-servers-2.3.34-5.1mdv2007.1.x86_64.rpm
 f5f3042e9275eadaf2a2f349085fba31  2007.1/x86_64/openldap-testprogs-2.3.34-5.1mdv2007.1.x86_64.rpm
 1d06b0fe56dcaf9f55a8031c394a7eb2  2007.1/x86_64/openldap-tests-2.3.34-5.1mdv2007.1.x86_64.rpm 
 731ba86f6727fba78dbdf2a2d4db94e8  2007.1/SRPMS/openldap-2.3.34-5.1mdv2007.1.src.rpm

References