Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Mon, 24 Feb 2014 22:08:56 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Moderate: openldap on SL5.x i386/x86_64 MIME-Version: 1.0 Synopsis: Moderate: openldap security update Advisory ID: SLSA-2014:0206-1 Issue Date: 2014-02-24 CVE Numbers: CVE-2013-4449 -- A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) performed reference counting when using the rwm (rewrite/remap) overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending a search request. (CVE-2013-4449) -- SL5 x86_64 compat-openldap-2.3.43_2.2.29-27.el5_10.i386.rpm compat-openldap-2.3.43_2.2.29-27.el5_10.x86_64.rpm openldap-2.3.43-27.el5_10.i386.rpm openldap-2.3.43-27.el5_10.x86_64.rpm openldap-clients-2.3.43-27.el5_10.x86_64.rpm openldap-debuginfo-2.3.43-27.el5_10.i386.rpm openldap-debuginfo-2.3.43-27.el5_10.x86_64.rpm openldap-devel-2.3.43-27.el5_10.i386.rpm openldap-devel-2.3.43-27.el5_10.x86_64.rpm openldap-servers-2.3.43-27.el5_10.x86_64.rpm openldap-servers-overlays-2.3.43-27.el5_10.x86_64.rpm openldap-servers-sql-2.3.43-27.el5_10.x86_64.rpm i386 compat-openldap-2.3.43_2.2.29-27.el5_10.i386.rpm openldap-2.3.43-27.el5_10.i386.rpm openldap-clients-2.3.43-27.el5_10.i386.rpm openldap-debuginfo-2.3.43-27.el5_10.i386.rpm openldap-devel-2.3.43-27.el5_10.i386.rpm openldap-servers-2.3.43-27.el5_10.i386.rpm openldap-servers-overlays-2.3.43-27.el5_10.i386.rpm openldap-servers-sql-2.3.43-27.el5_10.i386.rpm - Scientific Linux Development Team