[Bug 742104] Re: OpenLDAP remote DoS: CVE-2011-1081
This bug was fixed in the package openldap - 2.4.23-6ubuntu6 --- openldap (2.4.23-6ubuntu6) natty; urgency=low * SECURITY UPDATE: fix successful anonymous bind via chain overlay when using forwarded authentication failures - debian/patches/CVE-2011-1024 - CVE-2011-1024 * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb backend. Note: Ubuntu is not compiled with --enable-ndb by default - debian/patches/CVE-2011-1025 - CVE-2011-1025 * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests and requestDN is empty - debian/patches/CVE-2011-1081 - CVE-2011-1081 - LP: #742104 -- Jamie Strandboge ja...@ubuntu.com Thu, 07 Apr 2011 11:36:53 -0500 ** Changed in: openldap (Ubuntu Natty) Status: In Progress = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1024 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-1025 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/742104 Title: OpenLDAP remote DoS: CVE-2011-1081 -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 742104] Re: OpenLDAP remote DoS: CVE-2011-1081
https://lists.ubuntu.com/archives/ubuntu-security- announce/2011-March/001293.html ** Also affects: openldap (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Karmic) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Natty) Importance: Undecided Assignee: Jamie Strandboge (jdstrand) Status: In Progress ** Also affects: openldap (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Maverick) Importance: Undecided Status: New ** Changed in: openldap (Ubuntu Lucid) Status: New = Fix Released ** Changed in: openldap (Ubuntu Lucid) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Lucid) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Maverick) Status: New = Fix Released ** Changed in: openldap (Ubuntu Maverick) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Maverick) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Hardy) Status: New = Fix Released ** Changed in: openldap (Ubuntu Hardy) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Hardy) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Karmic) Status: New = Fix Released ** Changed in: openldap (Ubuntu Karmic) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Karmic) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Natty) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Natty) Milestone: None = ubuntu-11.04-beta-2 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/742104 Title: OpenLDAP remote DoS: CVE-2011-1081 -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 742104] Re: OpenLDAP remote DoS: CVE-2011-1081
Thank you for using Ubuntu and reporting a bug. Packages are already being prepared to address this vulnerability. ** Visibility changed to: Public ** Changed in: openldap (Ubuntu) Status: New = In Progress ** Changed in: openldap (Ubuntu) Assignee: (unassigned) = Jamie Strandboge (jdstrand) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/742104 Title: OpenLDAP remote DoS: CVE-2011-1081 -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs