[Pkg-openldap-devel] Bug#663644: [CVE-2012-1164] openldap (slapd): Assertion failure by processing search queries requesting only attributes for particular entry

Jonathan Wiltshire jmw at debian.org
Sun Jul 8 15:24:55 UTC 2012


Dear maintainer,

Recently you fixed one or more security problems and as a result you closed
this bug. These problems were not serious enough for a Debian Security
Advisory, so they are now on my radar for fixing in the following suites
through point releases:

squeeze (6.0.6) - use target "stable"

Please prepare a minimal-changes upload targetting each of these suites,
and submit a debdiff to the Release Team [0] for consideration. They will
offer additional guidance or instruct you to upload your package.

I will happily assist you at any stage if the patch is straightforward and
you need help. Please keep me in CC at all times so I can
track [1] the progress of this request.

For details of this process and the rationale, please see the original
announcement [2] and my blog post [3].

0: debian-release at lists.debian.org
1: http://prsc.debian.net/tracker/663644/
2: <201101232332.11736.thijs at debian.org>
3: http://deb.li/prsc

Thanks,

with his security hat on:
--
Jonathan Wiltshire                                      jmw at debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51






More information about the Pkg-openldap-devel mailing list