[PLDSA 29-1] New openldap packages fix buffer overflows and remote exploit
Krzysiek Taraszka
dzimi at pld.org.pl
Sat May 3 14:45:40 CEST 2003
--------------------------------------------------------------------------
PLD Security Advisory PLDSA 29-1                    security at pld.org.pl
http://www.pld.org.pl/security/                          PLD Security Team
06 February 2003                        http://www.pld.org.pl/security/faq
--------------------------------------------------------------------------
Package : prior to openldap-2.0.27-1
Vulnerability : buffer overflows and other bugs
Problem-Type : local
PLD-specific : no
BugTraq ID : 6328
CVE references : CAN-2002-1378, CAN-2002-1379

The SuSE Security Team reviewed critical parts of openldap2, an
implementation of the Lightweight Directory Access Protocol (LDAP)
version 2 and 3, and found several buffer overflows and other bugs
that remote attackers could exploit to gain access to systems running
vulnerable LDAP servers. In addition to these bugs, various locally
exploitable bugs within the OpenLDAP2 libraries have been fixed.

The above problems have been fixed in version 2.0.27-3 for the
current stable distribution (ra).

We recommend that you upgrade your openldap packages.

wget -c url
        will fetch the file for you
rpm -Uhv file(s)*.rpm
        will upgrade the referenced file.

If you are using the "poldek" package manager, use the lines given below
to upgrade packages:

poldek --update
        will update the internal database
poldek --upgrade 'openldap*'
        will install corrected packages

If you are using the "apt" package manager, use the lines given below
to upgrade packages:

apt-get update
        will update the internal database
apt-get upgrade 'openldap*'
        will install corrected packages

PLD Linux 1.0 alias ra
----------------------
Source archives:
ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/openldap-2.0.27-3.src.rpm
MD5 checksum: 217cda9e4326169ce5e0adf67f9fe260
I386 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-2.0.27-3.i386.rpm
MD5 checksum: 0f98477da3fdf44425764f623c9f0733
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-devel-2.0.27-3.i386.rpm
MD5 checksum: 6a7ef033405ef033f0ac290e55b91e86
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-servers-2.0.27-3.i386.rpm
MD5 checksum: 817da79336c3cc719f419cad2418b0ee
ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/openldap-static-2.0.27-3.i386.rpm
MD5 checksum: 5b0f8829299c294f7f80b40c0b5adb3a
I586 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-2.0.27-3.i586.rpm
MD5 checksum: 9842e70fe68e67d5e4e89ae82281ef3a
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-devel-2.0.27-3.i586.rpm
MD5 checksum: 31d3c2a1a7c8c02ef4a1ce215f01f0fd
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-servers-2.0.27-3.i586.rpm
MD5 checksum: ec213f2cbb96b3b5678824f24deca27b
ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/openldap-static-2.0.27-3.i586.rpm
MD5 checksum: bd5bfcb660bf8661f19dc1cb08852bad
I686 Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-2.0.27-3.i686.rpm
MD5 checksum: 9584e7e94a9b30a9f5ea7506ad017343
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-devel-2.0.27-3.i686.rpm
MD5 checksum: 8f7ff3981f979eb42dc810178cc622b7
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-servers-2.0.27-3.i686.rpm
MD5 checksum: da9f21bc6a2cca60882d3e84e1ed2264
ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/openldap-static-2.0.27-3.i686.rpm
MD5 checksum: a1a4f6ab63b5f3c6b29eec399bd67c1f
PowerPC Architecture components:
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-2.0.27-3.ppc.rpm
MD5 checksum: 19981378c5f076db65bb60ceb65d35e9
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-devel-2.0.27-3.ppc.rpm
MD5 checksum: df9db3bfef2552d37adf05d63756f20f
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-servers-2.0.27-3.ppc.rpm
MD5 checksum: 721d7b25f8f74b3ce162ae35f432074e
ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/openldap-static-2.0.27-3.ppc.rpm
MD5 checksum: 769331ab2d890c90b5505ff09edb2672
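
The advisory lists an MD5 checksum for each package, but the upgrade steps do not show the check. The shell function below is an added example, not part of the original advisory: it parses the URL / "MD5 checksum:" line pairs in the layout used above and verifies downloaded files before rpm -Uhv is run. The name verify_advisory and the use of md5sum from GNU coreutils are assumptions.

```shell
#!/bin/sh
# Added example, not part of the PLD advisory. Reads advisory text on stdin
# and checks files in DIR against its "URL" / "MD5 checksum:" line pairs.
# Returns 0 only if at least one listed file was found and none mismatched.
verify_advisory() {
    dir=$1 url='' checked=0 failed=0
    while IFS= read -r line; do
        line=${line#"${line%%[![:space:]]*}"}      # trim leading whitespace
        case $line in
            ftp://*.rpm|http://*.rpm|https://*.rpm)
                url=$line ;;                        # remember the package URL
            "MD5 checksum: "*)
                want=${line#"MD5 checksum: "}
                want=${want%%[[:space:]]*}          # drop trailing CR/space
                name=${url##*/}; url=''             # pair consumed
                [ -n "$name" ] || continue          # checksum with no URL before it
                [ -f "$dir/$name" ] || continue     # not downloaded (other arch)
                got=$(md5sum "$dir/$name" | cut -d' ' -f1)
                checked=$((checked + 1))
                if [ "$got" = "$want" ]; then
                    echo "OK        $name"
                else
                    echo "MISMATCH  $name (advisory $want, file $got)"
                    failed=$((failed + 1))
                fi ;;
        esac
    done
    # Fail closed: an empty directory or any mismatch is not a pass.
    [ "$checked" -gt 0 ] && [ "$failed" -eq 0 ]
}
```

Run it in the download directory with a saved copy of the advisory on stdin, for example verify_advisory . < advisory.txt, and continue to rpm -Uhv only when it returns 0.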

--------------------------------------------------------------------------------

If you are using poldek add this line to poldek.conf.
If you are using apt-get add this line to sources.list.
For i386 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security
For i586 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security
For i686 architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security
For ppc architecture
poldek: source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/
apt-get: rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security