https://bugs.openldap.org/show_bug.cgi?id=9883
Issue ID: 9883
Summary: OpenLDAP version 2.4.44 for CentoOS 7.9 contains
several CVEs
Product: OpenLDAP
Version: 2.4.44
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Hello,
My name is Meirav Rath, I'm a software developer and security champion at
Imperva.
As part of our effort to map security risks in our products I've been scanning
our 3rd party rpms for vulnerabilities. It looks like OpenLDAP version 2.4.44
for CentOS 7.9 has the following security issues:
1. CVE-2020-36229 - https://nvd.nist.gov/vuln/detail/CVE-2020-36229
2. CVE-2019-13565 - https://nvd.nist.gov/vuln/detail/CVE-2019-13565
3. CVE-2020-36223 - https://nvd.nist.gov/vuln/detail/CVE-2020-36223
4. CVE-2020-36222 - https://nvd.nist.gov/vuln/detail/CVE-2020-36222
5. CVE-2019-13057 - https://nvd.nist.gov/vuln/detail/CVE-2019-13057
6. CVE-2021-27212 - https://nvd.nist.gov/vuln/detail/CVE-2021-27212
7. CVE-2020-36226 - https://nvd.nist.gov/vuln/detail/CVE-2020-36226
8. CVE-2020-36228 - https://nvd.nist.gov/vuln/detail/CVE-2020-36228
9. CVE-2022-29155 - https://nvd.nist.gov/vuln/detail/CVE-2022-29155
10. CVE-2020-36230 - https://nvd.nist.gov/vuln/detail/CVE-2020-36230
11. CVE-2020-36225 - https://nvd.nist.gov/vuln/detail/CVE-2020-36225
12. CVE-2020-36227 - https://nvd.nist.gov/vuln/detail/CVE-2020-36227
13. CVE-2020-36224 - https://nvd.nist.gov/vuln/detail/CVE-2020-36224
14. CVE-2020-36221 - https://nvd.nist.gov/vuln/detail/CVE-2020-36221
When can we expect an updated RPM with fixes for this issues, aimed for
CentOS7.9?
Thanks.
--
You are receiving this mail because:
You are on the CC list for the issue.
