openldap2.2 (2.2.26-5ubuntu2.9) dapper-security; urgency=low
* SECURITY UPDATE: SSL certificate bypass with NULL CN byte.
- libraries/libldap/tls.c: get the last CN and check for length match.
-
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_o.c.diff?r1=1.8&r2=1.12
- CVE-2009-3767
Date: Wed, 11 Nov 2009 11:53:46 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Torsten Landschoff <[email protected]>
https://launchpad.net/ubuntu/dapper/+source/openldap2.2/2.2.26-5ubuntu2.9
Format: 1.7
Date: Wed, 11 Nov 2009 11:53:46 -0500
Source: openldap2.2
Binary: slapd ldap-utils libldap-2.2-7
Architecture: source
Version: 2.2.26-5ubuntu2.9
Distribution: dapper-security
Urgency: low
Maintainer: Torsten Landschoff <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
ldap-utils - OpenLDAP utilities
libldap-2.2-7 - OpenLDAP libraries
slapd - OpenLDAP server (slapd)
Changes:
openldap2.2 (2.2.26-5ubuntu2.9) dapper-security; urgency=low
.
* SECURITY UPDATE: SSL certificate bypass with NULL CN byte.
- libraries/libldap/tls.c: get the last CN and check for length match.
-
http://www.openldap.org/devel/cvsweb.cgi/libraries/libldap/tls_o.c.diff?r1=1.8&r2=1.12
- CVE-2009-3767
Files:
5a95dae94a1016fbcf41c1c1992ea8e6 1028 net optional
openldap2.2_2.2.26-5ubuntu2.9.dsc
098a03b4f7d511ce730e9647deca2072 516098 net optional
openldap2.2_2.2.26-5ubuntu2.9.diff.gz
--
dapper-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/dapper-changes
