[Pkg-openldap-devel] Bug#488710: Bug#488710: Bug#488710: slapd: remote DoS

Quanah Gibson-Mount quanah at zimbra.com
Tue Jul 1 16:13:22 UTC 2008


--On Monday, June 30, 2008 3:09 PM -0700 Steve Langasek <vorlon at debian.org> 
wrote:

>> 1.121 Fri Jun 27 00:36:41 2008 UTC; 3 days, 20 hours ago by hyc
>> CVS Tags: HEAD
>> Changed since 1.120: +6 -8 lines
>> Diffs to 1.120 (colored diff)
>
>> ITS#5580 fix length decoding, verified with PROTOS
>
> Well, that can only prove that it's no longer vulnerable, right, not that
> it still works after the fact? ;)
>
> I'm still inclined to wait until I see upstream bless this patch before
> pushing out a fix to unstable.

Ok, I'll reword this slightly.

We at upstream believe the issue to be fixed and the ITS closed. :)

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration





More information about the Pkg-openldap-devel mailing list