Bug#375494: [Pkg-openldap-devel] Bug#375494: slapd: buffer
overflow on long host names [CVE-2006-2754]
Quanah Gibson-Mount
quanah at stanford.edu
Tue Jul 4 19:03:36 UTC 2006
--On Tuesday, July 04, 2006 2:07 PM +0200 Matthijs Mohlmann
<matthijs at cacholong.nl> wrote:
> Martin Pitt wrote:
>> Package: slapd
>> Version: 2.2.26-5
>> Severity: important
>> Tags: security patch
>>
>> Hi!
>>
>> Several distros recently fixed a buffer overflow in slurpd wrt. long
>> host names in the status file. This should not usually be exploitable,
>> but it is at least a nice bug fix for crashes. Please see
>>
>> http://patches.ubuntu.com/patches/openldap2.2.CVE-2006-2754.diff
>>
>> for the patch.
>>
> Thanks for notification, I'll apply it as soon as possible.
>
>> Thank you,
>>
>> Martin
This was one of the patches for 2.3.23 or so that I emailed in a while ago
(and then was included in 2.3.24). So you might have it in your email
somewhere.
--Quanah
--
Quanah Gibson-Mount
Principal Software Developer
ITS/Shared Application Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
More information about the Pkg-openldap-devel
mailing list