[Pkg-openldap-devel] r868 - openldap/trunk-2.3/debian
Russ Allbery
rra at alioth.debian.org
Tue Nov 13 04:07:04 UTC 2007
Author: rra
Date: 2007-11-13 04:07:04 +0000 (Tue, 13 Nov 2007)
New Revision: 868
Modified:
openldap/trunk-2.3/debian/changelog
Log:
Add CVE for another vulnerability addressed in 2.3.39. I hate to modify
history like this, but it's more important that people and scripts who
check changelogs for security issues have an accurate record of when a
specific vulnerability was addressed.
Modified: openldap/trunk-2.3/debian/changelog
===================================================================
--- openldap/trunk-2.3/debian/changelog 2007-11-13 00:23:51 UTC (rev 867)
+++ openldap/trunk-2.3/debian/changelog 2007-11-13 04:07:04 UTC (rev 868)
@@ -2,6 +2,8 @@
* Medium severity due to denial of service fix.
* New upstream release.
+ - CVE-2007-5707: Fix remote denial of service crash by sending a
+ malformed objectClasses attribute.
- CVE-2007-5708: Fix remote denial of service attack in slapo-pcache
(the overlay for proxy caching). (Closes: #448644)
- Multiple additional more minor bug fixes.
More information about the Pkg-openldap-devel
mailing list