[Pkg-openldap-devel] Bug#488710: Bug#488710: Bug#488710: slapd: remote DoS
Quanah Gibson-Mount
quanah at zimbra.com
Tue Jul 1 16:14:35 UTC 2008
--On Tuesday, July 01, 2008 9:13 AM -0700 Quanah Gibson-Mount
<quanah at zimbra.com> wrote:
> --On Monday, June 30, 2008 3:09 PM -0700 Steve Langasek
> <vorlon at debian.org> wrote:
>
>>> 1.121 Fri Jun 27 00:36:41 2008 UTC; 3 days, 20 hours ago by hyc
>>> CVS Tags: HEAD
>>> Changed since 1.120: +6 -8 lines
>>> Diffs to 1.120 (colored diff)
>>
>>> ITS#5580 fix length decoding, verified with PROTOS
>>
>> Well, that can only prove that it's no longer vulnerable, right, not that
>> it still works after the fact? ;)
>>
>> I'm still inclined to wait until I see upstream bless this patch before
>> pushing out a fix to unstable.
>
> Ok, I'll reword this slightly.
>
> We at upstream believe the issue to be fixed and the ITS closed. :)
(Closed from further work unless shown otherwise). :P It will be
incorporated into 2.4.11 (and I'm going to drop it into the 2.3 sources as
well, although it is unlikely there'll be another 2.3 release).
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
More information about the Pkg-openldap-devel
mailing list