Your message dated Tue, 13 Nov 2007 00:32:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#448644: fixed in openldap2.3 2.3.39-1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: slapd
Version: 2.3.38
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for slapd.
CVE-2007-5708[0]:
Name: CVE-2007-5708
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5708
Reference: MISC:http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632
Reference: MLIST:[openldap-announce] 20071026 OpenLDAP 2.3.39 available
Reference: URL:http://www.openldap.org/lists/openldap-announce/200710/msg00001.html
Reference: BID:26245
Reference: URL:http://www.securityfocus.com/bid/26245
Reference: FRSIRT:ADV-2007-3645
Reference: URL:http://www.frsirt.com/english/advisories/2007/3645
Reference: SECUNIA:27424
Reference: URL:http://secunia.com/advisories/27424
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39,
when running as a proxy-caching server, allocates memory using a
malloc variant instead of calloc, which prevents an array from being
initialized properly and might allow attackers to cause a denial of
service (segmentation fault) via unknown vectors that prevent the
array from being null terminated.
This information is not yet on the mitre site but it seems to be public.
A fix for this can be found on:
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/overlays/pcache.c.diff?r1=1.41.2.20&r2=1.41.2.21&hideattic=1&sortbydate=0
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
--- End Message ---
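The CVE text above describes a classic pattern: a pointer array sized for n entries plus a terminator, allocated with malloc, with the terminator slot left uninitialized, so a consumer that walks until NULL can run off the end. The following is an added example, written for this page and not code from OpenLDAP or from the bug report, that shows the malloc form beside the calloc fix. Function names, the sample attribute list and the 0xAA fill used to stand in for a stale heap block are assumptions for illustration; it does not reproduce pcache.c's real data structures.

```c
/* Added example (not OpenLDAP's code): a NULL-terminated pointer array
 * built with malloc versus calloc. Names and sample data are constructed. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable form: capacity n + 1, only n slots written. The terminator
 * slot holds whatever malloc returned, so NULL is not guaranteed. */
static char **build_list_malloc(const char **src, size_t n)
{
    char **list = malloc((n + 1) * sizeof *list);
    if (list == NULL)
        return NULL;
    /* Constructed for the demo: real malloc may hand back a block that
     * still contains old, non-NULL pointers. 0xAA models that. */
    memset(list, 0xAA, (n + 1) * sizeof *list);
    for (size_t i = 0; i < n; i++)
        list[i] = (char *)src[i];
    /* bug: list[n] is never set to NULL */
    return list;
}

/* Hardened form: calloc zero-fills every slot, so list[n] is NULL even
 * when the fill loop writes fewer than n entries. */
static char **build_list_calloc(const char **src, size_t n)
{
    char **list = calloc(n + 1, sizeof *list);
    if (list == NULL)
        return NULL;
    for (size_t i = 0; i < n; i++)
        list[i] = (char *)src[i];
    return list;
}

/* Bounded walker: counts entries up to the first NULL, but refuses to go
 * beyond cap. Returns -1 when no terminator exists within cap slots,
 * which is exactly the condition that crashes an unbounded walk. */
static long count_entries(char **list, size_t cap)
{
    for (size_t i = 0; i < cap; i++)
        if (list[i] == NULL)
            return (long)i;
    return -1;
}

/* Builds the constructed sample list either way and reports what a
 * bounded walk sees. use_calloc != 0 selects the hardened allocator. */
static long run_check(int use_calloc)
{
    const char *attrs[] = { "cn", "mail", "uid" };   /* constructed sample */
    size_t n = sizeof attrs / sizeof attrs[0];
    char **list = use_calloc ? build_list_calloc(attrs, n)
                             : build_list_malloc(attrs, n);
    if (list == NULL)
        return -2;
    long seen = count_entries(list, n + 1);
    free(list);
    return seen;
}

int main(void)
{
    printf("malloc list: bounded walk returns %ld (-1 = no terminator)\n",
           run_check(0));
    printf("calloc list: bounded walk returns %ld entries\n",
           run_check(1));
    return 0;
}
```

The fix in 2.3.39 is the calloc half of this pattern: zero-initialising the block makes the terminator present regardless of how many slots the fill loop actually writes. The bounded walker is the review-time check worth keeping in mind; any consumer of such an array that loops until NULL without a length bound depends entirely on the allocator having set that last slot.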
--- Begin Message ---
Source: openldap2.3
Source-Version: 2.3.39-1
We believe that the bug you reported is fixed in the latest version of
openldap2.3, which is due to be installed in the Debian FTP archive:
ldap-utils_2.3.39-1_i386.deb
to pool/main/o/openldap2.3/ldap-utils_2.3.39-1_i386.deb
libldap-2.3-0-dbg_2.3.39-1_i386.deb
to pool/main/o/openldap2.3/libldap-2.3-0-dbg_2.3.39-1_i386.deb
libldap-2.3-0_2.3.39-1_i386.deb
to pool/main/o/openldap2.3/libldap-2.3-0_2.3.39-1_i386.deb
openldap2.3_2.3.39-1.diff.gz
to pool/main/o/openldap2.3/openldap2.3_2.3.39-1.diff.gz
openldap2.3_2.3.39-1.dsc
to pool/main/o/openldap2.3/openldap2.3_2.3.39-1.dsc
openldap2.3_2.3.39.orig.tar.gz
to pool/main/o/openldap2.3/openldap2.3_2.3.39.orig.tar.gz
slapd-dbg_2.3.39-1_i386.deb
to pool/main/o/openldap2.3/slapd-dbg_2.3.39-1_i386.deb
slapd_2.3.39-1_i386.deb
to pool/main/o/openldap2.3/slapd_2.3.39-1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Russ Allbery <[EMAIL PROTECTED]> (supplier of updated openldap2.3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 12 Nov 2007 16:00:47 -0800
Source: openldap2.3
Binary: slapd ldap-utils libldap-2.3-0-dbg libldap-2.3-0 slapd-dbg
Architecture: source i386
Version: 2.3.39-1
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenLDAP Maintainers <[EMAIL PROTECTED]>
Changed-By: Russ Allbery <[EMAIL PROTECTED]>
Description:
ldap-utils - OpenLDAP utilities
libldap-2.3-0 - OpenLDAP libraries
libldap-2.3-0-dbg - Debugging information for OpenLDAP libraries
slapd - OpenLDAP server (slapd)
slapd-dbg - Debugging information for the OpenLDAP server (slapd)
Closes: 435290 442191 444806 448644
Changes:
openldap2.3 (2.3.39-1) unstable; urgency=medium
.
* Medium severity due to denial of service fix.
* New upstream release.
- CVE-2007-5708: Fix remote denial of service attack in slapo-pcache
(the overlay for proxy caching). (Closes: #448644)
- Multiple additional more minor bug fixes.
* Document in the default slapd.conf that dbconfig options only generate
the DB_CONFIG file on first slapd start and have no effect afterwards
unless DB_CONFIG is removed. (Closes: #442191)
* Inline the checkpoint and BerkeleyDB backend settings in the default
slapd.conf rather than generating them dynamically in postinst. All
the allowable default database choices are now BerkeleyDB variants and
will probably continue to be so for the foreseeable future, and this is
easier to maintain.
* Drop debconf questions, warnings, and maintainer script functions
dealing with upgrades from OpenLDAP 2.1, which is now too old for
supported direct upgrades. (Closes: #444806)
* Add a watch file. Thanks, Fernando Ribeiro. (Closes: #435290)
* Add Homepage, Vcs-Svn, and Vcs-Browser control fields.
Files:
37f762395a60773e771abac2e1dbbe84 1370 net optional openldap2.3_2.3.39-1.dsc
b1c6bb8c470de9e24fe7ad49161353d3 2959307 net optional openldap2.3_2.3.39.orig.tar.gz
67124f10e97d7c6705e3430aa9fed8c1 150258 net optional openldap2.3_2.3.39-1.diff.gz
725b940fccf3798bc3c004c10fc227f0 1200758 net optional slapd_2.3.39-1_i386.deb
133722587b0b24084623d08a1b34bb9e 204270 net optional ldap-utils_2.3.39-1_i386.deb
0e10da831409b046d09f4844b47d20c9 314590 libs optional libldap-2.3-0_2.3.39-1_i386.deb
0dc8a13ab272514e406bd1ec8490f2d5 567548 libdevel extra libldap-2.3-0-dbg_2.3.39-1_i386.deb
9a334a61f6225feff326238278635025 2993268 net extra slapd-dbg_2.3.39-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHOO47+YXjQAr8dHYRApoSAKDKLsaJjaaPe2ki7v17p+/m6x8x1wCgteDM
6C3VUSDU3OlyRncQn8Y+xNk=
=zJNq
-----END PGP SIGNATURE-----
--- End Message ---