[Pkg-openldap-devel] r869 - openldap/trunk-2.3/debian

Russ Allbery rra at alioth.debian.org
Mon Nov 19 02:12:00 UTC 2007


Author: rra
Date: 2007-11-19 02:11:59 +0000 (Mon, 19 Nov 2007)
New Revision: 869

Modified:
   openldap/trunk-2.3/debian/changelog
Log:
CVE-2007-5707 was already fixed in 2.3.38-1.  Adjust changelog accordingly
for better security tracking.


Modified: openldap/trunk-2.3/debian/changelog
===================================================================
--- openldap/trunk-2.3/debian/changelog	2007-11-13 04:07:04 UTC (rev 868)
+++ openldap/trunk-2.3/debian/changelog	2007-11-19 02:11:59 UTC (rev 869)
@@ -2,8 +2,6 @@
 
   * Medium severity due to denial of service fix.
   * New upstream release.
-    - CVE-2007-5707: Fix remote denial of service crash by sending a
-      malformed objectClasses attribute.
     - CVE-2007-5708: Fix remote denial of service attack in slapo-pcache
       (the overlay for proxy caching).  (Closes: #448644)
     - Multiple additional more minor bug fixes.
@@ -35,6 +33,7 @@
   * Fix bashism in initscript. (Closes: #428883)
   * Drop upstream patches ITS4924, ITS4925 and ITS4966.
   * Add patch for objectClasses which causes slapd to crash. (Closes: #440632)
+    - CVE-2007-5707.
     - Upstream bug ITS5119.
   * Change default loglevel to none, to log high priority messages.
     (Closes: #442000)




More information about the Pkg-openldap-devel mailing list