*** This bug is a security vulnerability *** You have been subscribed to a public security bug by Marc Deslauriers (mdeslaur):
The vulnerability is caused due to an off-by-one error in the "UTF8StringNormalize()" function when NULL terminating a string. This can be exploited to crash the daemon via e.g. an empty "postalAddressAttribute" value. The fix is in GIT repository since 6.Oct.2011 - http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=507238713b71208ec4f262f312cb495a302df9e9 ** Affects: openldap (Ubuntu) Importance: Undecided Status: New -- OpenLDAP "UTF8StringNormalize()" Off-by-One Denial of Service Vulnerability https://bugs.launchpad.net/bugs/884163 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
