[Pkg-openldap-devel] slapd crash on specific search query (#863569)
Moritz Muehlenhoff
jmm at debian.org
Sun May 28 20:54:38 UTC 2017
On Sun, May 28, 2017 at 11:41:46AM -0700, Ryan Tandy wrote:
> Hi Security Team,
>
> A Debian user reported that slapd encounters a double-free and crashes when
> processing a certain search: https://bugs.debian.org/863563
>
> The default configuration in Debian allows anonymous users to search the
> directory, so for us this counts as a remote DoS.
>
> I have opened an unblock request for fixing this in unstable and stretch:
> https://bugs.debian.org/863569
>
> Please let me know whether you'd like to perform a security upload to fix
> this in stable, or handle it in a point release. Either way I am happy to
> prepare and test a fixed package for you.
Thanks!
Let's fix this via security.debian.org, can you please send a debdiff
for jessie-security when ready?
Cheers,
Moritz
More information about the Pkg-openldap-devel
mailing list