Bug#729367: marked as done (openldap: CVE-2013-4449)

[Debian Bug Tracking System]

Your message dated Fri, 15 Aug 2014 21:45:32 +0000
with message-id <e1xipju-0000ay...@franck.debian.org>
and subject line Bug#729367: fixed in openldap 2.4.39-1.1
has caused the Debian Bug report #729367,
regarding openldap: CVE-2013-4449
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
729367: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729367
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: openldap
Severity: important
Tags: security

This was assigned CVE-2013-4449:
http://www.openldap.org/its/index.cgi/Incoming?id=7723
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4449

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: openldap
Source-Version: 2.4.39-1.1

We believe that the bug you reported is fixed in the latest version of
openldap, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 729...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Gilbert <mgilb...@debian.org> (supplier of updated openldap package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 09 Aug 2014 09:26:51 +0000
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg 
libldap2-dev slapd-dbg
Architecture: source amd64
Version: 2.4.39-1.1
Distribution: unstable
Urgency: high
Maintainer: Debian OpenLDAP Maintainers 
<pkg-openldap-de...@lists.alioth.debian.org>
Changed-By: Michael Gilbert <mgilb...@debian.org>
Description:
 ldap-utils - OpenLDAP utilities
 libldap-2.4-2 - OpenLDAP libraries
 libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
 libldap2-dev - OpenLDAP development libraries
 slapd      - OpenLDAP server (slapd)
 slapd-dbg  - Debugging information for the OpenLDAP server (slapd)
 slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Closes: 729367
Changes:
 openldap (2.4.39-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix CVE-2013-4449: reference counting logic issue (closes: #729367).
Checksums-Sha1:
 894591276f730e6a71f8a5203fe1ecc2dcfb9b39 3451 openldap_2.4.39-1.1.dsc
 80e82ecd123e6cb401cfd0e546ef660b62443256 158462 openldap_2.4.39-1.1.diff.gz
 10f247107c9c7afac3093c19f5196bcb77de40b0 1391784 slapd_2.4.39-1.1_amd64.deb
 ac0cd08d5308db06cd43ed69c0c6d711fb97dddd 79836 
slapd-smbk5pwd_2.4.39-1.1_amd64.deb
 94306c6c0e54ec4b4157b65a930734af68394711 185386 ldap-utils_2.4.39-1.1_amd64.deb
 a840db3d65821b21fd2bcc1c4fdce2a5557afa88 211920 
libldap-2.4-2_2.4.39-1.1_amd64.deb
 a05aad76e8fe441f5a6bfe6d89ba65a3df79f0be 435486 
libldap-2.4-2-dbg_2.4.39-1.1_amd64.deb
 9c4e75905aa73b2cc74fb8f009224d70b7a3399f 317574 
libldap2-dev_2.4.39-1.1_amd64.deb
 6a9edf4ad38e26f9e14e06eb06defee9f9df3e77 4834094 slapd-dbg_2.4.39-1.1_amd64.deb
Checksums-Sha256:
 5497bdd0bc38dc68cd953a0448655ab150075a33381849b74cc7bbcffe138988 3451 
openldap_2.4.39-1.1.dsc
 652851a1e38caae14c953386c56440cd408db6659fea822602a2455d97823f11 158462 
openldap_2.4.39-1.1.diff.gz
 f2943e2f7348d72b4d1288448dd261012d36d39549282ddde47b48eebc195ce3 1391784 
slapd_2.4.39-1.1_amd64.deb
 6e18fd510937ad4ba8ea0cfff860a4b5e35c3f0749ddf28d7b580829063a703c 79836 
slapd-smbk5pwd_2.4.39-1.1_amd64.deb
 86c6364fb6a9308968ef4ffb7d5c4ae4ed639556ce765598b7c9222becabd146 185386 
ldap-utils_2.4.39-1.1_amd64.deb
 f3b932b5a283827f1ebd3a3be77d3a36db2d951e0949c42f7e01226eeac1b8b6 211920 
libldap-2.4-2_2.4.39-1.1_amd64.deb
 427f5d8971a0bdb0f15f7c35a204ef4be573cebaf4e0ea0c82fef20ebd2e82f7 435486 
libldap-2.4-2-dbg_2.4.39-1.1_amd64.deb
 0706a77b4c4df9809165d7d2d2455b2e82a2a597835fca6a72108bbff3a68d90 317574 
libldap2-dev_2.4.39-1.1_amd64.deb
 64c25f030b26746c2a0e280a394059258d675826276fae9d09818f03108abcb8 4834094 
slapd-dbg_2.4.39-1.1_amd64.deb
Files:
 7b104f3b5cb8ce484c88e3abdf4c1255 1391784 net optional 
slapd_2.4.39-1.1_amd64.deb
 2b0f95d76fd1b0cee2b6d3aec22e37f2 79836 net extra 
slapd-smbk5pwd_2.4.39-1.1_amd64.deb
 ee35631e6fec675ebadf3d3401ec9724 185386 net optional 
ldap-utils_2.4.39-1.1_amd64.deb
 0a9f30cc5005f6902998650ba986509b 211920 libs standard 
libldap-2.4-2_2.4.39-1.1_amd64.deb
 f5503fa79f1ecb7b92d8607590e3371f 435486 debug extra 
libldap-2.4-2-dbg_2.4.39-1.1_amd64.deb
 b308383f49404819edfb31c60d93f53d 317574 libdevel extra 
libldap2-dev_2.4.39-1.1_amd64.deb
 89aab22ac2ff99bcbaa839e690afdcea 4834094 debug extra 
slapd-dbg_2.4.39-1.1_amd64.deb
 cc1d1dd613d462cb48241b7c9009e025 3451 net optional openldap_2.4.39-1.1.dsc
 ea91534413e2eb88f0da270f83eac27a 158462 net optional 
openldap_2.4.39-1.1.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQQcBAEBCgAGBQJT588hAAoJELjWss0C1vRzlLAf/RBZQWTN8K46zPKxc1DwBwVg
8QoVzrXz/xlBBY9Z1NXeMBoGLQt/odrSPn7g2xyvOrvlL53zydrVHkNNpehDzy1e
F0sbvap+rHzGcu9+SRJPwnSqi0kYadqpclxYiWCWZC2qeeUuCRRIIK0FSFLntLPg
A+sPwM5LIVhXOll4pj0ZryyLkiGABgULCeg+qWknk7mdkWf9iI3MOV9091qsaCqB
xiW+9XYJa3kPXisooibKeDYNPaClxMh6/MlMGmaMA3I2NmkBQl+UheSdOmiwpyW/
vL1arNeH3lG75qZyU+0+UMQu+PT7r0X1ab8LLC4KVpv7r4oOeL3ttN/RvjENYjhX
c4zDnDIFEkNEMBFOitCy0Uc3c207Twv2nIv+lFJHHqA3U+lM1ZDz6VG7a+K0lUVq
oXTHghghQPb4XKHRlmt3YVxQSxxxi2vI0ADZd6fT4JjaDuB/POqQ5kSuprC4o5De
6C1RXFSKUuo4919gQLblNnRsEoSrKLPwSGTz/IY6zeqs9SmexwZ+QHcfX2pgpZW8
cSqT8aggPpQ9W8MxkzpxyH37UzRj0EDZ8CKlxMV52P9Rkg+zmCA4FkP4ToyVY9zd
dqvM8aD108eeSBdI0JWByn4Z7CnlrYXRLeAoo48KSfrhn+E1qV97QKugUIs9baw9
+ybduK1nfCE8Gj2YWvusQmgkVnJp0CwHATS8gQj3nOVeoCgKcrmdNBve61BT2ZY5
97qLl/Fd/YIEWuPiO0v/YuVHFj6wehfcBO9iej4yGhMpUdWKksV0d+4zvpn/uMl3
TcwFRZyFf0UAl2resV6CfgtSZu5l77tuhjRLhDF2dbPUP7xRljG91fxFvUyAtnKW
k2BRxTdiigyepEk/nSW57QO3u3s8H6ZBqJOH7veJRSd1X5ZYbz4do38d+IgUGyJh
wSEyY1WnVw7vuragSOMnosjFJMiwuzMyLxx7liFQNce7Zzqz5eYE/T7KYtV4BIg3
a3ktwa9BQ9+/4pG9yZQed+blGzKdyBWazJFEWkYiqXmYogxgZENgM3ExXVjSUghc
ycIiy+Jn8lbEsQ7gaYIXS+V7DMEbL9xVBTFlXrHMKJPr+HNVdaQiHi+uauyw3W30
rNF9ZQYIW/Mc7IgOXyeSmkPnexB9EIDjgvzSa7K9dBdufndq4yduRDLgC91WYu+M
MZf/qs1LOxfM/97YGsctGnw3VO+MDskEl5je92kUVGNcIBVRUec24wLTks/i1sBO
2xo5KvsBk9VzCZAPWIzDimAcy5DyHOq1URRXx2Lk5mECf2Vrcrmz+c71yi3S6J1B
VxxEfbCgXHGQm1+VqsBjW2Odp63nGFMz3zAR+OGP4hvlXioMGF3sZ4VPYysymgg=
=bffs
-----END PGP SIGNATURE-----

--- End Message ---