[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
This bug was fixed in the package openldap - 2.4.25-1.1ubuntu4.1 --- openldap (2.4.25-1.1ubuntu4.1) oneiric-security; urgency=low * SECURITY UPDATE: potential denial of service (LP: #884163) - debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize() - CVE-2011-4079 -- Jamie Strandboge ja...@ubuntu.com Mon, 14 Nov 2011 13:22:54 -0600 ** Changed in: openldap (Ubuntu Oneiric) Status: Fix Committed = Fix Released ** Changed in: openldap (Ubuntu Natty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
This bug was fixed in the package openldap - 2.4.23-6ubuntu6.1 --- openldap (2.4.23-6ubuntu6.1) natty-security; urgency=low * SECURITY UPDATE: potential denial of service (LP: #884163) - debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize() - CVE-2011-4079 -- Jamie Strandboge ja...@ubuntu.com Mon, 14 Nov 2011 13:29:39 -0600 ** Changed in: openldap (Ubuntu Maverick) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
This bug was fixed in the package openldap - 2.4.23-0ubuntu3.7 --- openldap (2.4.23-0ubuntu3.7) maverick-security; urgency=low * SECURITY UPDATE: potential denial of service (LP: #884163) - debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize() - CVE-2011-4079 -- Jamie Strandboge ja...@ubuntu.com Mon, 14 Nov 2011 13:30:50 -0600 ** Changed in: openldap (Ubuntu Lucid) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
This bug was fixed in the package openldap - 2.4.21-0ubuntu5.6 --- openldap (2.4.21-0ubuntu5.6) lucid-security; urgency=low * SECURITY UPDATE: potential denial of service (LP: #884163) - debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize() - CVE-2011-4079 -- Jamie Strandboge ja...@ubuntu.com Mon, 14 Nov 2011 13:32:11 -0600 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
Hardy's openldap2.3 does not have postalAddressValidate(), which is the only known function to pass UTF8StringNormalize() a 0 length string. ** Changed in: openldap (Ubuntu Hardy) Status: In Progress = Invalid ** Changed in: openldap (Ubuntu Hardy) Assignee: Jamie Strandboge (jdstrand) = (unassigned) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
** Changed in: openldap (Ubuntu Lucid) Status: In Progress = Fix Committed ** Changed in: openldap (Ubuntu Maverick) Status: In Progress = Fix Committed ** Changed in: openldap (Ubuntu Natty) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
** Changed in: openldap (Ubuntu Precise) Status: In Progress = Fix Committed ** Changed in: openldap (Ubuntu Oneiric) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
This bug was fixed in the package openldap - 2.4.25-3ubuntu2 --- openldap (2.4.25-3ubuntu2) precise; urgency=low * SECURITY UPDATE: potential denial of service (LP: #884163) - debian/patches/CVE-2011-4079: fix off by one error in postalAddressNormalize() - CVE-2011-4079 -- Jamie Strandboge ja...@ubuntu.com Mon, 14 Nov 2011 13:59:56 -0600 ** Changed in: openldap (Ubuntu Precise) Status: Fix Committed = Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-4079 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
** Changed in: openldap (Ubuntu) Assignee: (unassigned) = Jamie Strandboge (jdstrand) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
** Changed in: openldap (Ubuntu) Status: Confirmed = In Progress ** Also affects: openldap (Ubuntu Maverick) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Lucid) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Natty) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Hardy) Importance: Undecided Status: New ** Also affects: openldap (Ubuntu Precise) Importance: Medium Assignee: Jamie Strandboge (jdstrand) Status: In Progress ** Changed in: openldap (Ubuntu Lucid) Status: New = In Progress ** Changed in: openldap (Ubuntu Lucid) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Lucid) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Maverick) Status: New = In Progress ** Changed in: openldap (Ubuntu Maverick) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Maverick) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Natty) Status: New = In Progress ** Changed in: openldap (Ubuntu Natty) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Natty) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Oneiric) Status: New = In Progress ** Changed in: openldap (Ubuntu Oneiric) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Oneiric) Assignee: (unassigned) = Jamie Strandboge (jdstrand) ** Changed in: openldap (Ubuntu Hardy) Status: New = In Progress ** Changed in: openldap (Ubuntu Hardy) Importance: Undecided = Medium ** Changed in: openldap (Ubuntu Hardy) Assignee: (unassigned) = Jamie Strandboge (jdstrand) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 884163] Re: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability
** Visibility changed to: Public ** Visibility changed to: Public ** Changed in: openldap (Ubuntu) Status: New = Confirmed ** Changed in: openldap (Ubuntu) Importance: Undecided = Medium -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/884163 Title: OpenLDAP UTF8StringNormalize() Off-by-One Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/884163/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
