An update for openldap is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2021-1062
Final
1.0
1.0
2021-03-05
Initial
2021-03-05
2021-03-05
openEuler SA Tool V1.0
2021-03-05
openldap security update
An update for openldap is now available for openEuler-20.03-LTS and openEuler-20.03-LTS-SP1.
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP.
Security Fix(es):
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. (CVE-2020-36228)
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. (CVE-2020-36227)
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. (CVE-2020-36226)
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. (CVE-2020-36230)
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). (CVE-2020-36221)
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. (CVE-2020-36222)
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. (CVE-2020-36224)
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). (CVE-2020-36223)
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. (CVE-2020-36225)
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. (CVE-2020-36229)
openEuler Security has rated this update as having a security impact of high. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
High
openldap
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36228
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36227
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36226
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36230
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36221
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36222
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36224
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36223
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36225
https://openeuler.org/en/security/cve/detail.html?id=CVE-2020-36229
https://nvd.nist.gov/vuln/detail/CVE-2020-36228
https://nvd.nist.gov/vuln/detail/CVE-2020-36227
https://nvd.nist.gov/vuln/detail/CVE-2020-36226
https://nvd.nist.gov/vuln/detail/CVE-2020-36230
https://nvd.nist.gov/vuln/detail/CVE-2020-36221
https://nvd.nist.gov/vuln/detail/CVE-2020-36222
https://nvd.nist.gov/vuln/detail/CVE-2020-36224
https://nvd.nist.gov/vuln/detail/CVE-2020-36223
https://nvd.nist.gov/vuln/detail/CVE-2020-36225
https://nvd.nist.gov/vuln/detail/CVE-2020-36229
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
openldap-servers-2.4.50-3.oe1.aarch64.rpm
openldap-debugsource-2.4.50-3.oe1.aarch64.rpm
openldap-debuginfo-2.4.50-3.oe1.aarch64.rpm
openldap-clients-2.4.50-3.oe1.aarch64.rpm
openldap-2.4.50-3.oe1.aarch64.rpm
openldap-devel-2.4.50-3.oe1.aarch64.rpm
openldap-servers-2.4.50-3.oe1.aarch64.rpm
openldap-debugsource-2.4.50-3.oe1.aarch64.rpm
openldap-debuginfo-2.4.50-3.oe1.aarch64.rpm
openldap-clients-2.4.50-3.oe1.aarch64.rpm
openldap-2.4.50-3.oe1.aarch64.rpm
openldap-devel-2.4.50-3.oe1.aarch64.rpm
openldap-help-2.4.50-3.oe1.noarch.rpm
openldap-help-2.4.50-3.oe1.noarch.rpm
openldap-2.4.50-3.oe1.src.rpm
openldap-2.4.50-3.oe1.src.rpm
openldap-2.4.50-3.oe1.x86_64.rpm
openldap-clients-2.4.50-3.oe1.x86_64.rpm
openldap-devel-2.4.50-3.oe1.x86_64.rpm
openldap-debugsource-2.4.50-3.oe1.x86_64.rpm
openldap-servers-2.4.50-3.oe1.x86_64.rpm
openldap-debuginfo-2.4.50-3.oe1.x86_64.rpm
openldap-2.4.50-3.oe1.x86_64.rpm
openldap-clients-2.4.50-3.oe1.x86_64.rpm
openldap-devel-2.4.50-3.oe1.x86_64.rpm
openldap-debugsource-2.4.50-3.oe1.x86_64.rpm
openldap-servers-2.4.50-3.oe1.x86_64.rpm
openldap-debuginfo-2.4.50-3.oe1.x86_64.rpm
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
2021-03-05
CVE-2020-36228
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
2021-03-05
CVE-2020-36227
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
2021-03-05
CVE-2020-36226
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
2021-03-05
CVE-2020-36230
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
2021-03-05
CVE-2020-36221
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
2021-03-05
CVE-2020-36222
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
2021-03-05
CVE-2020-36224
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
2021-03-05
CVE-2020-36223
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
2021-03-05
CVE-2020-36225
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
2021-03-05
CVE-2020-36229
openEuler-20.03-LTS
openEuler-20.03-LTS-SP1
High
7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
openldap security update
2021-03-05
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1062