- openldap (2.4.47+dfsg-3+rpi1+deb10u4) buster-staging; urgency=medium
++openldap (2.4.47+dfsg-3+rpi1+deb10u5) buster-staging; urgency=medium
+
+ [changes brought forward from 2.4.42+dfsg-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Mon, 31 Aug 2015 16:17:47 +0000]
+ * Disable testsuite.
+
- -- Raspbian forward porter <root@raspbian.org> Thu, 19 Nov 2020 01:41:40 +0000
++ -- Raspbian forward porter <root@raspbian.org> Thu, 04 Feb 2021 17:33:33 +0000
++
+ openldap (2.4.47+dfsg-3+deb10u5) buster-security; urgency=high
+
+ * Fix slapd crashes in Certificate Exact Assertion processing
+ (ITS#9404, ITS#9424) (CVE-2020-36221)
+ * Fix slapd assertion failures in saslAuthzTo validation
+ (ITS#9406, ITS#9407) (CVE-2020-36222)
+ * Fix slapd crash in Values Return Filter control handling
+ (ITS#9408) (CVE-2020-36223)
+ * Fix slapd crashes in saslAuthzTo processing (ITS#9409, ITS#9412, ITS#9413)
+ (CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
+ * Fix slapd assertion failure in X.509 DN parsing
+ (ITS#9423) (CVE-2020-36230)
+ * Fix slapd crash in X.509 DN parsing (ITS#9425) (CVE-2020-36229)
+ * Fix slapd crash in Certificate List Exact Assertion processing
+ (ITS#9427) (CVE-2020-36228)
+ * Fix slapd infinite loop with Cancel operation (ITS#9428) (CVE-2020-36227)
+
+ -- Ryan Tandy <ryan@nardis.ca> Thu, 21 Jan 2021 19:54:40 -0800
openldap (2.4.47+dfsg-3+deb10u4) buster-security; urgency=high
projects / openldap.git / commitdiff