Fedora 33: libldb 2021-1a8e93a285

Date 07 Apr 2021

Category Fedora Linux Distribution - Security Advisories

Posted By LinuxSecurity Advisories

Update to Samba 4.13.7 - Security fixes for CVE-2020-27840 and CVE-2021-20277 ---- Update to Samba 4.13.6 - Security fixes for CVE-2020-27840 and CVE-2021-20277

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-1a8e93a285
2021-04-07 15:39:02.487939
--------------------------------------------------------------------------------

Name        : libldb
Product     : Fedora 33
Version     : 2.2.1
Release     : 1.fc33
URL         : https://ldb.samba.org/
Summary     : A schema-less, ldap like, API and database
Description :
An extensible library that implements an LDAP like API to access remote LDAP
servers, or use local tdb databases.

--------------------------------------------------------------------------------
Update Information:

Update to Samba 4.13.7 - Security fixes for CVE-2020-27840 and CVE-2021-20277
----  Update to Samba 4.13.6 - Security fixes for CVE-2020-27840 and
CVE-2021-20277
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 25 2021 Guenther Deschner  - 2.2.1-1
- New upstream release 2.2.1
- rhbz#1941402,1942497 - Security fix for CVE-2021-20277
* Wed Mar 24 2021 Lukas Slebodnik  - 2.3.0-1
- libldb-2.3.0 is required for new samba
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1941400 - CVE-2020-27840 samba: Heap corruption via crafted DN strings
        https://bugzilla.redhat.com/show_bug.cgi?id=1941400
  [ 2 ] Bug #1941402 - CVE-2021-20277 samba: Out of bounds read in AD DC LDAP server
        https://bugzilla.redhat.com/show_bug.cgi?id=1941402
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-1a8e93a285' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure