[Pkg-openldap-devel] slapd crash on specific search query (#863569)
Ryan Tandy
ryan at nardis.ca
Sun May 28 18:41:46 UTC 2017
Hi Security Team,
A Debian user reported that slapd encounters a double-free and crashes
when processing a certain search: https://bugs.debian.org/863563
The default configuration in Debian allows anonymous users to search the
directory, so for us this counts as a remote DoS.
I have opened an unblock request for fixing this in unstable and
stretch: https://bugs.debian.org/863569
Please let me know whether you'd like to perform a security upload to
fix this in stable, or handle it in a point release. Either way I am
happy to prepare and test a fixed package for you.
Thanks
Ryan
More information about the Pkg-openldap-devel
mailing list