SUSE Container Update Advisory: suse/sle15
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2021:64-1
Container Tags        : suse/sle15:15.2 , suse/sle15:15.2.8.2.860
Container Release     : 8.2.860
Severity              : important
Type                  : security
References            : 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417
                        1182418 1182419 1182420 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223
                        CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228
                        CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 
-----------------------------------------------------------------

The container suse/sle15 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2021:723-1
Released:    Mon Mar  8 16:45:27 2021
Summary:     Security update for openldap2
Type:        security
Severity:    important
References:  1182279,1182408,1182411,1182412,1182413,1182415,1182416,1182417,1182418,1182419,1182420,CVE-2020-36221,CVE-2020-36222,CVE-2020-36223,CVE-2020-36224,CVE-2020-36225,CVE-2020-36226,CVE-2020-36227,CVE-2020-36228,CVE-2020-36229,CVE-2020-36230,CVE-2021-27212
This update for openldap2 fixes the following issues:

- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the
  X.509 DN parsing in decode.c ber_next_element, resulting in denial
  of service.
- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN
  parsing in ad_keystring, resulting in denial of service.
- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash
  in the Certificate List Exact Assertion processing, resulting in
  denial of service.
- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the
  cancel_extop Cancel operation, resulting in denial of service.
- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the
  saslAuthzTo processing, resulting in denial of service.
- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash
  in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd
  crash in the saslAuthzTo processing, resulting in denial of service.
- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the
  saslAuthzTo validation, resulting in denial of service.
- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
  Assertion processing, resulting in denial of service (schema_init.c
  serialNumberAndIssuerCheck).
- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
  control handling, resulting in denial of service (double free and
  out-of-bounds read).
- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur
    in the issuerAndThisUpdateCheck function via a crafted packet,
    resulting in a denial of service (daemon exit) via a short timestamp.
    This is related to schema_init.c and checkTime.

SUSE: 2021:64-1 suse/sle15 Security Update

March 9, 2021
The container suse/sle15 was updated

Summary

Advisory ID: SUSE-SU-2021:723-1 Released: Mon Mar 8 16:45:27 2021 Summary: Security update for openldap2 Type: security Severity: important

References

References : 1182279 1182408 1182411 1182412 1182413 1182415 1182416 1182417

1182418 1182419 1182420 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223

CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228

CVE-2020-36229 CVE-2020-36230 CVE-2021-27212

1182279,1182408,1182411,1182412,1182413,1182415,1182416,1182417,1182418,1182419,1182420,CVE-2020-36221,CVE-2020-36222,CVE-2020-36223,CVE-2020-36224,CVE-2020-36225,CVE-2020-36226,CVE-2020-36227,CVE-2020-36228,CVE-2020-36229,CVE-2020-36230,CVE-2021-27212

This update for openldap2 fixes the following issues:

- bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the

X.509 DN parsing in decode.c ber_next_element, resulting in denial

of service.

- bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN

parsing in ad_keystring, resulting in denial of service.

- bsc#1182412 CVE-2020-36228 - integer underflow leading to crash

in the Certificate List Exact Assertion processing, resulting in

denial of service.

- bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the

cancel_extop Cancel operation, resulting in denial of service.

- bsc#1182416 CVE-2020-36225 - double free and slapd crash in the

saslAuthzTo processing, resulting in denial of service.

- bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash

in the saslAuthzTo processing, resulting in denial of service.

- bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd

crash in the saslAuthzTo processing, resulting in denial of service.

- bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the

saslAuthzTo validation, resulting in denial of service.

- bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact

Assertion processing, resulting in denial of service (schema_init.c

serialNumberAndIssuerCheck).

- bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter

control handling, resulting in denial of service (double free and

out-of-bounds read).

- bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur

in the issuerAndThisUpdateCheck function via a crafted packet,

resulting in a denial of service (daemon exit) via a short timestamp.

This is related to schema_init.c and checkTime.

Severity
Container Advisory ID : SUSE-CU-2021:64-1
Container Tags : suse/sle15:15.2 , suse/sle15:15.2.8.2.860
Container Release : 8.2.860
Severity : important
Type : security

Related News

28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
1.Penguin Landscape Esm H320
1 - 2 min read
There are compelling arguments in favor of Linux over Windows for desktop usage. Let's explore some advantages of choosing Linux over Windows for
4.Lock AbstractDigital Esm H320
2 - 3 min read
Canonical , the company behind Ubuntu , has introduced Netplan 1.0 , a network configuration tool that simplifies networking configuration on Linux

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved