Nom du paquet
openldap
Date
2008-07-11
Advisory ID
MDVSA-2008:144
Affected versions
CS4.0 i586 , CS4.0 x86_64 , MNF2.0 i586 , 2008.0 i586 , 2007.1 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586 , 2007.1 x86_64

Problem description

A denial of service vulnerability was discovered in the way
the OpenLDAP slapd daemon processed certain network messages.
An unauthenticated remote attacker could send a specially crafted
request that would crash the slapd daemon (CVE-2008-2952).

The updated packages have been patched to correct this issue.

Updated packages

CS4.0 i586

 4bbabc70a3d09e2d626fd6635f7e9fdf  corporate/4.0/i586/libldap2.3_0-2.3.27-1.5.20060mlcs4.i586.rpm
 07a93b45a178a856622ab26dc930f9e7  corporate/4.0/i586/libldap2.3_0-devel-2.3.27-1.5.20060mlcs4.i586.rpm
 2dd28ef4d64923bc4d9ff6e288388766  corporate/4.0/i586/libldap2.3_0-static-devel-2.3.27-1.5.20060mlcs4.i586.rpm
 27335d3c1aaaebe2e91218a2916a5bf5  corporate/4.0/i586/openldap-2.3.27-1.5.20060mlcs4.i586.rpm
 d5dd7dcd6da6a076e82304f9c3732359  corporate/4.0/i586/openldap-clients-2.3.27-1.5.20060mlcs4.i586.rpm
 66e560cf5fdd7b40ca8912bd50fe9bfe  corporate/4.0/i586/openldap-doc-2.3.27-1.5.20060mlcs4.i586.rpm
 a86cec1efe6d398eea49121fb1d99743  corporate/4.0/i586/openldap-servers-2.3.27-1.5.20060mlcs4.i586.rpm 
 e79a7b77a51ca7d1494e63d9e540cf6e  corporate/4.0/SRPMS/openldap-2.3.27-1.5.20060mlcs4.src.rpm

CS4.0 x86_64

 77eb2e8e4b559c842ee2cf26942bf14a  corporate/4.0/x86_64/lib64ldap2.3_0-2.3.27-1.5.20060mlcs4.x86_64.rpm
 07dc6b62bb7779e44850e65c9989e2df  corporate/4.0/x86_64/lib64ldap2.3_0-devel-2.3.27-1.5.20060mlcs4.x86_64.rpm
 0e6d8674391773ae16ac3935f88eb854  corporate/4.0/x86_64/lib64ldap2.3_0-static-devel-2.3.27-1.5.20060mlcs4.x86_64.rpm
 3709c17bbb86240ec55de1f641b31999  corporate/4.0/x86_64/openldap-2.3.27-1.5.20060mlcs4.x86_64.rpm
 3f7beed090d81e14b1282e2df31e1e3c  corporate/4.0/x86_64/openldap-clients-2.3.27-1.5.20060mlcs4.x86_64.rpm
 6e56cef1e11dc58bf92391a39ed6de55  corporate/4.0/x86_64/openldap-doc-2.3.27-1.5.20060mlcs4.x86_64.rpm
 71304ff480236f2e2a5aad362b11ae86  corporate/4.0/x86_64/openldap-servers-2.3.27-1.5.20060mlcs4.x86_64.rpm 
 e79a7b77a51ca7d1494e63d9e540cf6e  corporate/4.0/SRPMS/openldap-2.3.27-1.5.20060mlcs4.src.rpm

MNF2.0 i586

 859f2d22ac31ccd817b67bb9613ce1a3  mnf/2.0/i586/libldap2-2.1.25-7.4.C30mdk.i586.rpm
 86683db3fc26228fc622bbdc71b20fd2  mnf/2.0/i586/openldap-2.1.25-7.4.C30mdk.i586.rpm 
 18cccde6a7c77db78b3b0cf3bfecb3a7  mnf/2.0/SRPMS/openldap-2.1.25-7.4.C30mdk.src.rpm

2008.0 i586

 4c9fc0e275ad67be72d4998742409213  2008.0/i586/libldap2.3_0-2.3.38-3.3mdv2008.0.i586.rpm
 e5e9f04d154ec3024cd50e8239abe520  2008.0/i586/libldap2.3_0-devel-2.3.38-3.3mdv2008.0.i586.rpm
 3635a18a93d28e738002240d943f362d  2008.0/i586/libldap2.3_0-static-devel-2.3.38-3.3mdv2008.0.i586.rpm
 e4a110af57342c2178014037f5d5dfe8  2008.0/i586/openldap-2.3.38-3.3mdv2008.0.i586.rpm
 9d6894efabdc7d041404fa0e962f9f63  2008.0/i586/openldap-clients-2.3.38-3.3mdv2008.0.i586.rpm
 528903a4e078aaf862d8b01d73836102  2008.0/i586/openldap-doc-2.3.38-3.3mdv2008.0.i586.rpm
 c2c40e7693802ca6bcd6d135c1cd28fe  2008.0/i586/openldap-servers-2.3.38-3.3mdv2008.0.i586.rpm
 8aa66a86adb881a175759a1a2c854feb  2008.0/i586/openldap-testprogs-2.3.38-3.3mdv2008.0.i586.rpm
 5f1de962ffc5181edf5a805aca3a363a  2008.0/i586/openldap-tests-2.3.38-3.3mdv2008.0.i586.rpm 
 5a681abe6041b1c62cf11aeebf213742  2008.0/SRPMS/openldap-2.3.38-3.3mdv2008.0.src.rpm

2007.1 i586

 0f52157174c6699ff1d2121e38de45c8  2007.1/i586/libldap2.3_0-2.3.34-5.3mdv2007.1.i586.rpm
 fb8f6a26fd7b5b8757deda8ff9b9582b  2007.1/i586/libldap2.3_0-devel-2.3.34-5.3mdv2007.1.i586.rpm
 56033462430c83ad66a0012def277114  2007.1/i586/libldap2.3_0-static-devel-2.3.34-5.3mdv2007.1.i586.rpm
 a375be48666c1c17f31360b678ac9837  2007.1/i586/openldap-2.3.34-5.3mdv2007.1.i586.rpm
 ab55bec4117e1c154936c4e9f02a0f08  2007.1/i586/openldap-clients-2.3.34-5.3mdv2007.1.i586.rpm
 1305f02755d31d5d34177433b23298b5  2007.1/i586/openldap-doc-2.3.34-5.3mdv2007.1.i586.rpm
 682cf672c0615de06743ffec5c715133  2007.1/i586/openldap-servers-2.3.34-5.3mdv2007.1.i586.rpm
 8825d3d0750952faa62949e17bf035cb  2007.1/i586/openldap-testprogs-2.3.34-5.3mdv2007.1.i586.rpm
 7154ce5f0552fe300558fe7f98576a7d  2007.1/i586/openldap-tests-2.3.34-5.3mdv2007.1.i586.rpm 
 83227efae1cc5176674c5784a9dc1981  2007.1/SRPMS/openldap-2.3.34-5.3mdv2007.1.src.rpm

CS3.0 x86_64

 f0f9e254c2d6c46f94a8e28b8ad37875  corporate/3.0/x86_64/lib64ldap2-2.1.25-7.4.C30mdk.x86_64.rpm
 8f0428fee538e620608e86661656019e  corporate/3.0/x86_64/lib64ldap2-devel-2.1.25-7.4.C30mdk.x86_64.rpm
 445c0351649acf21428e69524a4fbae6  corporate/3.0/x86_64/lib64ldap2-devel-static-2.1.25-7.4.C30mdk.x86_64.rpm
 dc7b5e43b757ed0f86a50c4bb58a59ba  corporate/3.0/x86_64/openldap-2.1.25-7.4.C30mdk.x86_64.rpm
 0cdfe461a66bd4820ef4857e28f221d5  corporate/3.0/x86_64/openldap-back_dnssrv-2.1.25-7.4.C30mdk.x86_64.rpm
 01662c67f86babc9252fa01b283e7779  corporate/3.0/x86_64/openldap-back_ldap-2.1.25-7.4.C30mdk.x86_64.rpm
 2a63ca4cbfc2ce100b03c70b9c0ff751  corporate/3.0/x86_64/openldap-back_passwd-2.1.25-7.4.C30mdk.x86_64.rpm
 79fd098e9b3b97cb31f5d9465f95016d  corporate/3.0/x86_64/openldap-back_sql-2.1.25-7.4.C30mdk.x86_64.rpm
 00797d8218f1b977644065f21d8d7b67  corporate/3.0/x86_64/openldap-clients-2.1.25-7.4.C30mdk.x86_64.rpm
 c25a458fe3074290bfb92cde6530a0a1  corporate/3.0/x86_64/openldap-doc-2.1.25-7.4.C30mdk.x86_64.rpm
 4350076efbc8a262789679d623c8dca4  corporate/3.0/x86_64/openldap-migration-2.1.25-7.4.C30mdk.x86_64.rpm
 327eee43fadad8e494fa1b528340803b  corporate/3.0/x86_64/openldap-servers-2.1.25-7.4.C30mdk.x86_64.rpm 
 fed0ad96f94c8dad5fce017d7d2d021f  corporate/3.0/SRPMS/openldap-2.1.25-7.4.C30mdk.src.rpm

2008.0 x86_64

 3e65131309d63d6707d590b38b55d95c  2008.0/x86_64/lib64ldap2.3_0-2.3.38-3.3mdv2008.0.x86_64.rpm
 ca78ba175c240bea9132a3f7ec7e4cbe  2008.0/x86_64/lib64ldap2.3_0-devel-2.3.38-3.3mdv2008.0.x86_64.rpm
 afdcbb77df8dd1f89434cb2c2c696eef  2008.0/x86_64/lib64ldap2.3_0-static-devel-2.3.38-3.3mdv2008.0.x86_64.rpm
 28e8db2809bb7db0852b8d6958ebda08  2008.0/x86_64/openldap-2.3.38-3.3mdv2008.0.x86_64.rpm
 2d1f1f15b0244ddf9c6fb919580877e6  2008.0/x86_64/openldap-clients-2.3.38-3.3mdv2008.0.x86_64.rpm
 e7e29cfd38f809ab426b8146ce111dbf  2008.0/x86_64/openldap-doc-2.3.38-3.3mdv2008.0.x86_64.rpm
 f8194ae6a59feaf0b9a18e379c851bc2  2008.0/x86_64/openldap-servers-2.3.38-3.3mdv2008.0.x86_64.rpm
 d1a09d2828dceb73c96423622379f884  2008.0/x86_64/openldap-testprogs-2.3.38-3.3mdv2008.0.x86_64.rpm
 a009374a704ca03db13b2203514ba28b  2008.0/x86_64/openldap-tests-2.3.38-3.3mdv2008.0.x86_64.rpm 
 5a681abe6041b1c62cf11aeebf213742  2008.0/SRPMS/openldap-2.3.38-3.3mdv2008.0.src.rpm

CS3.0 i586

 523563312aa5200d57800e37c160bd7a  corporate/3.0/i586/libldap2-2.1.25-7.4.C30mdk.i586.rpm
 71ead08ad9b3b3cf4a167036a58f4fcb  corporate/3.0/i586/libldap2-devel-2.1.25-7.4.C30mdk.i586.rpm
 035e2b766fb36fdcc26cf388ca7ceb27  corporate/3.0/i586/libldap2-devel-static-2.1.25-7.4.C30mdk.i586.rpm
 2cf032c67236e41169cbfd994edf70b1  corporate/3.0/i586/openldap-2.1.25-7.4.C30mdk.i586.rpm
 10c4c874e2215c598405aaaaaa9713df  corporate/3.0/i586/openldap-back_dnssrv-2.1.25-7.4.C30mdk.i586.rpm
 ca159113880a1a4fff26fcce208b3e17  corporate/3.0/i586/openldap-back_ldap-2.1.25-7.4.C30mdk.i586.rpm
 ddb5273208a4480ec4a109466e700dae  corporate/3.0/i586/openldap-back_passwd-2.1.25-7.4.C30mdk.i586.rpm
 e3f576f01e6282ea471e99f6abf132b2  corporate/3.0/i586/openldap-back_sql-2.1.25-7.4.C30mdk.i586.rpm
 2b9684d2781334d397d7d73e40c66ab1  corporate/3.0/i586/openldap-clients-2.1.25-7.4.C30mdk.i586.rpm
 3fd599fd464df8309bec907dfabc2ce7  corporate/3.0/i586/openldap-doc-2.1.25-7.4.C30mdk.i586.rpm
 b5db061549ee45504ff53bfd8d070db1  corporate/3.0/i586/openldap-migration-2.1.25-7.4.C30mdk.i586.rpm
 a0f0c2a6451618d2aaf9b05ee976c6bc  corporate/3.0/i586/openldap-servers-2.1.25-7.4.C30mdk.i586.rpm 
 fed0ad96f94c8dad5fce017d7d2d021f  corporate/3.0/SRPMS/openldap-2.1.25-7.4.C30mdk.src.rpm

2008.1 x86_64

 c54197e4d97a2758b37cb72157952336  2008.1/x86_64/lib64ldap2.4_2-2.4.8-2.1mdv2008.1.x86_64.rpm
 458b51be06713be97e0993b341ceff50  2008.1/x86_64/lib64ldap2.4_2-devel-2.4.8-2.1mdv2008.1.x86_64.rpm
 11cf44ea102ba1f0d23ba252cf02fd07  2008.1/x86_64/lib64ldap2.4_2-static-devel-2.4.8-2.1mdv2008.1.x86_64.rpm
 31fc462e90721207d3b94ae237dc8de6  2008.1/x86_64/openldap-2.4.8-2.1mdv2008.1.x86_64.rpm
 8aa988bee2cc7293fb775f36fce9cc4a  2008.1/x86_64/openldap-clients-2.4.8-2.1mdv2008.1.x86_64.rpm
 78da20185974ca76b79826b59b2a88bf  2008.1/x86_64/openldap-doc-2.4.8-2.1mdv2008.1.x86_64.rpm
 23074581371f6d23a2d4c8eeb635bf43  2008.1/x86_64/openldap-servers-2.4.8-2.1mdv2008.1.x86_64.rpm
 c974dc6ecdf7d983b313f29b1af3fb57  2008.1/x86_64/openldap-testprogs-2.4.8-2.1mdv2008.1.x86_64.rpm
 b3ae070ce9476d323dce1551f8f574ba  2008.1/x86_64/openldap-tests-2.4.8-2.1mdv2008.1.x86_64.rpm 
 cdbcb9a1dce093c6bb081a107fce2d0a  2008.1/SRPMS/openldap-2.4.8-2.1mdv2008.1.src.rpm

2008.1 i586

 6bd87a7abfc1e649ca8b99a990662f8b  2008.1/i586/libldap2.4_2-2.4.8-2.1mdv2008.1.i586.rpm
 3bbce9528d32a9b7ffc15424da735627  2008.1/i586/libldap2.4_2-devel-2.4.8-2.1mdv2008.1.i586.rpm
 46d8bba1791024fe7258363472e4e08c  2008.1/i586/libldap2.4_2-static-devel-2.4.8-2.1mdv2008.1.i586.rpm
 434e683ce9354b72534ed2bf0efbbb25  2008.1/i586/openldap-2.4.8-2.1mdv2008.1.i586.rpm
 932123782287c683661ab7e2635ce414  2008.1/i586/openldap-clients-2.4.8-2.1mdv2008.1.i586.rpm
 794d7863e56a2fff81319ebdad3999b7  2008.1/i586/openldap-doc-2.4.8-2.1mdv2008.1.i586.rpm
 affcb8a7576a6ecc359e96fb4237547b  2008.1/i586/openldap-servers-2.4.8-2.1mdv2008.1.i586.rpm
 3405560209e83a6230ded41663b39684  2008.1/i586/openldap-testprogs-2.4.8-2.1mdv2008.1.i586.rpm
 1c1a6f5b55eae1083c22d135e84371a0  2008.1/i586/openldap-tests-2.4.8-2.1mdv2008.1.i586.rpm 
 cdbcb9a1dce093c6bb081a107fce2d0a  2008.1/SRPMS/openldap-2.4.8-2.1mdv2008.1.src.rpm

2007.1 x86_64

 0161c4dac99b2fd6497a8fc6263eba36  2007.1/x86_64/lib64ldap2.3_0-2.3.34-5.3mdv2007.1.x86_64.rpm
 c488d8a01c3962ac23a66f6a92deed12  2007.1/x86_64/lib64ldap2.3_0-devel-2.3.34-5.3mdv2007.1.x86_64.rpm
 c82eab05b6d2fcc2eff29343a2a2126a  2007.1/x86_64/lib64ldap2.3_0-static-devel-2.3.34-5.3mdv2007.1.x86_64.rpm
 8677ab05d48db2ef80ef09e3dcd600ab  2007.1/x86_64/openldap-2.3.34-5.3mdv2007.1.x86_64.rpm
 2b9d51f03034231f4a1e96ff20dd405f  2007.1/x86_64/openldap-clients-2.3.34-5.3mdv2007.1.x86_64.rpm
 a11ad0df7c6789c5aed0efda1e0db443  2007.1/x86_64/openldap-doc-2.3.34-5.3mdv2007.1.x86_64.rpm
 bbba1002c2453250e655cb14b3d70971  2007.1/x86_64/openldap-servers-2.3.34-5.3mdv2007.1.x86_64.rpm
 c15170fedbbf33b8090c67d8d4f1b0c3  2007.1/x86_64/openldap-testprogs-2.3.34-5.3mdv2007.1.x86_64.rpm
 a01092fbeb4008b42b6dd32f9c4881ce  2007.1/x86_64/openldap-tests-2.3.34-5.3mdv2007.1.x86_64.rpm 
 83227efae1cc5176674c5784a9dc1981  2007.1/SRPMS/openldap-2.3.34-5.3mdv2007.1.src.rpm

References