Your message dated Sun, 18 Nov 2007 10:47:18 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#448644: fixed in openldap2.3 2.3.38-1+lenny1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: slapd
Version: 2.3.38
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for slapd.
CVE-2007-5708[0]:
Name: CVE-2007-5708
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5708
Reference: MISC:http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5163
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440632
Reference: MLIST:[openldap-announce] 20071026 OpenLDAP 2.3.39 available
Reference:
URL:http://www.openldap.org/lists/openldap-announce/200710/msg00001.html
Reference: BID:26245
Reference: URL:http://www.securityfocus.com/bid/26245
Reference: FRSIRT:ADV-2007-3645
Reference: URL:http://www.frsirt.com/english/advisories/2007/3645
Reference: SECUNIA:27424
Reference: URL:http://secunia.com/advisories/27424
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39,
when running as a proxy-caching server, allocates memory using a
malloc variant instead of calloc, which prevents an array from being
initiialized properly and might allow attackers to cause a denial of
service (segmentation fault) via unknown vectors that prevent the
array from being null terminated.
This information is not yet on the mitre site but it seems to be public.
A fix for this can be found on:
http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/overlays/pcache.c.diff?r1=1.41.2.20&r2=1.41.2.21&hideattic=1&sortbydate=0
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
pgpMXmyZsnXap.pgp
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: openldap2.3
Source-Version: 2.3.38-1+lenny1
We believe that the bug you reported is fixed in the latest version of
openldap2.3, which is due to be installed in the Debian FTP archive:
ldap-utils_2.3.38-1+lenny1_i386.deb
to pool/main/o/openldap2.3/ldap-utils_2.3.38-1+lenny1_i386.deb
libldap-2.3-0-dbg_2.3.38-1+lenny1_i386.deb
to pool/main/o/openldap2.3/libldap-2.3-0-dbg_2.3.38-1+lenny1_i386.deb
libldap-2.3-0_2.3.38-1+lenny1_i386.deb
to pool/main/o/openldap2.3/libldap-2.3-0_2.3.38-1+lenny1_i386.deb
openldap2.3_2.3.38-1+lenny1.diff.gz
to pool/main/o/openldap2.3/openldap2.3_2.3.38-1+lenny1.diff.gz
openldap2.3_2.3.38-1+lenny1.dsc
to pool/main/o/openldap2.3/openldap2.3_2.3.38-1+lenny1.dsc
slapd-dbg_2.3.38-1+lenny1_i386.deb
to pool/main/o/openldap2.3/slapd-dbg_2.3.38-1+lenny1_i386.deb
slapd_2.3.38-1+lenny1_i386.deb
to pool/main/o/openldap2.3/slapd_2.3.38-1+lenny1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Nico Golde <[EMAIL PROTECTED]> (supplier of updated openldap2.3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 04 Nov 2007 13:42:20 +0100
Source: openldap2.3
Binary: slapd ldap-utils libldap-2.3-0-dbg libldap-2.3-0 slapd-dbg
Architecture: source i386
Version: 2.3.38-1+lenny1
Distribution: testing-security
Urgency: high
Maintainer: Debian OpenLDAP Maintainers <[EMAIL PROTECTED]>
Changed-By: Nico Golde <[EMAIL PROTECTED]>
Description:
ldap-utils - OpenLDAP utilities
libldap-2.3-0 - OpenLDAP libraries
libldap-2.3-0-dbg - Debugging information for OpenLDAP libraries
slapd - OpenLDAP server (slapd)
slapd-dbg - Debugging information for the OpenLDAP server (slapd)
Closes: 448644
Changes:
openldap2.3 (2.3.38-1+lenny1) testing-security; urgency=high
.
* Non-maintainer upload by testing security team.
* Fixed missing usage of calloc instead of malloc which might
lead to a denial of service attack (CVE-2007-5708) (Closes: #448644).
Files:
695389d9cd9e46c6891db0318769023d 1215 net optional
openldap2.3_2.3.38-1+lenny1.dsc
c13b872eb062a33a16a31d5804f0964f 2955427 net optional
openldap2.3_2.3.38.orig.tar.gz
3cb6eab2f47e8671f3c4ef2ddb10a717 153020 net optional
openldap2.3_2.3.38-1+lenny1.diff.gz
41fef321bfe3e99db6ddda9b13bdddda 1217666 net optional
slapd_2.3.38-1+lenny1_i386.deb
65277941758ebb1079c9afd4a2e63ffb 204190 net optional
ldap-utils_2.3.38-1+lenny1_i386.deb
af8ae0b5c0f0b281404f718101f9c60f 314614 libs optional
libldap-2.3-0_2.3.38-1+lenny1_i386.deb
878ff272fadda69d89efe934c38147d8 568338 libdevel extra
libldap-2.3-0-dbg_2.3.38-1+lenny1_i386.deb
01475881a664dd6588f42123c71e2afc 2990954 net extra
slapd-dbg_2.3.38-1+lenny1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHPv/kHYflSXNkfP8RAmzlAJ9qxnyrqrXcYcc8YIxmhoWmrkx9NwCgkDJA
YhiC03TNi3XKC4a6k++iFNg=
=ebB4
-----END PGP SIGNATURE-----
--- End Message ---
