| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Feb 2019 19:42:06 +0000 From: Salvatore Bonaccorso <carnil@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 4397-1] ldb security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4397-1 security@...ian.org https://www.debian.org/security/ Salvatore Bonaccorso February 28, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ldb CVE ID : CVE-2019-3824 Garming Sam reported an out-of-bounds read in the ldb_wildcard_compare() function of ldb, a LDAP-like embedded database, resulting in denial of service. For the stable distribution (stretch), this problem has been fixed in version 2:1.1.27-1+deb9u1. We recommend that you upgrade your ldb packages. For the detailed security status of ldb please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ldb Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlx4OBpfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0R1oA//YuTxQ4iQkHgqW12SWdWMdFZC2rFuHBWI+u7pOUYNkkI3CiPwvjTrKFkn K2E6ASlB2vmoJfoTqTDzCgssOT55JKQsD8a7ocfq9tloSSbz4RUEgqNS93Yqc4Er +eUhTe2491qNGkshyuIENSoYR7cO/FMpUqRWdXH0W65nx9tD/D1Q2mCCVQwXNfQz 2jlRCvaSklOL9hyt/ibnhce23LuM1t50W/eicG3XAcjp4WGx735uq9KqjfcyJ1QT voL4qoJJxizi04M6oA5z2iUR/qKIW25qTHzj6b+uk/MJX+Rj+3j3nz5prvx5nn4t EGq537Yvhg5YYMbTSfThPOu/jgfMe/sUx3q8/2wkGs76enwFZ0eQTKvMi8Fo4fOs kRJrz6HXQJeCuv8T1NDBPMekebQw9bzdo9DyHukF+0w69LBGxySW5q7qG+NDmN19 zKbP9t/GH0BUQbq1B7x67W20i0EXHNk36GVSMjI17ksbJptVpok86wamNeoSpKgy nLf70RZ45W+XEBMyV11NdU7kusgHh3Fj3owrGsLhIM07noao1hSYVHLVqscufdbw 9zofA1ALjCiFyYeJmzGfEGh60U+ibfc3w9EUbfi31kGXZMDmeZ8+p3fWohxjlijg 2RspyOq1AX/t1ql3WWuBOBJctlUjNMVkiLgaDmspingEDV93UlI= =VZSx -----END PGP SIGNATURE-----
Powered by blists - more mailing lists