[Pkg-openldap-devel] Debian OpenLDAP CVE-2010-0211, CVE-2010-0212
Matthijs Mohlmann
matthijs at cacholong.nl
Thu Jul 22 14:57:08 UTC 2010
Hi Joonas,
I'm aware of it, it was brought to my attention and a patch will be worked on.
Regards,
Matthijs Möhlmann
On Jul 22, 2010, at 3:31 PM, Joonas Kortesalmi wrote:
> Hi,
>
> I wonder if the Debian OpenLDAP maintainer team is aware of the two recently disclosed vulnerabilities on OpenLDAP? Access vector: remote, no user interaction, no authentication, potential code execution, denial of service.
>
> http://www.cert.fi/en/reports/2010/vulnerability383115.html
> http://rhn.redhat.com/errata/RHSA-2010-0542.html
> http://www.codenomicon.com/news/news/2010-07-22b.shtml
>
> I think OpenLDAP in Debian stable is vulnerable. Is a security update in works?
>
> Joonas Kortesalmi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20100722/9bec4091/attachment.htm>
More information about the Pkg-openldap-devel
mailing list