Bug#375494: [Pkg-openldap-devel] Bug#375494: slapd: buffer overflow
on long host names [CVE-2006-2754]
Matthijs Mohlmann
matthijs at cacholong.nl
Tue Jul 4 19:50:23 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Quanah Gibson-Mount wrote:
>
>
> --On Tuesday, July 04, 2006 2:07 PM +0200 Matthijs Mohlmann
> <matthijs at cacholong.nl> wrote:
>
>> Martin Pitt wrote:
>>> Package: slapd
>>> Version: 2.2.26-5
>>> Severity: important
>>> Tags: security patch
>>>
>>> Hi!
>>>
>>> Several distros recently fixed a buffer overflow in slurpd wrt. long
>>> host names in the status file. This should not usually be exploitable,
>>> but it is at least a nice bug fix for crashes. Please see
>>>
>>> http://patches.ubuntu.com/patches/openldap2.2.CVE-2006-2754.diff
>>>
>>> for the patch.
>>>
>> Thanks for notification, I'll apply it as soon as possible.
>>
>>> Thank you,
>>>
>>> Martin
>
> This was one of the patches for 2.3.23 or so that I emailed in a while
> ago (and then was included in 2.3.24). So you might have it in your
> email somewhere.
>
> --Quanah
>
You are right, I didn't look at the version number which is 2.2.26-5.
Sorry for the trouble.
Regards,
Matthijs Mohlmann
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEqsZ/2n1ROIkXqbARAnbjAJsGs3aJNllSvrSUGBFqx3326wVVxwCgi903
Ups/Z7TYOmS/qi9fZ1wddWU=
=EsxJ
-----END PGP SIGNATURE-----
More information about the Pkg-openldap-devel
mailing list