[Pkg-openldap-devel] Bug#863563: double free with Paged Results control and pagesize 0
Ryan Tandy
ryan at nardis.ca
Sun May 28 16:46:29 UTC 2017
Package: slapd
Version: 2.4.44+dfsg-4
Severity: important
Tags: security fixed-upstream
Control: forwarded -1 http://www.openldap.org/its/?findid=8655
Control: found -1 2.4.40+dfsg-1+deb8u2
Control: found -1 2.4.31-2+deb7u2
Karsten Heymann discovered that a user with access to search the
directory can crash slapd by issuing a search including the Paged
Results control with a page size of 0. Opening a bug for tracking in
Debian now that the ITS is public.
More information about the Pkg-openldap-devel
mailing list