Public bug reported: [Impact]
* slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. * Trusty ships 2.4.31 which comes with a fix for this. [Test Case] TBD [Regression Potential] TBD [Other Info] * Upstream bug report http://www.openldap.org/its/index.cgi/Software%2520Bugs?id=7143 * http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-1164.html ** Affects: openldap (Ubuntu) Importance: Undecided Status: New ** Tags: cts -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1446809 Title: denial of service via an LDAP search query with attrsOnly set to true (CVE-2012-1164) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1446809/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
