AXSA:2020-1023:03

Release date: 
Tuesday, December 22, 2020 - 12:55
Subject: 
libldb-2.1.3-2.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.

The following packages have been upgraded to a later upstream version: libldb (2.1.3).
Security Fix(es):

* samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results (CVE-2020-10730)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2020-10730
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. libldb-2.1.3-2.el8.src.rpm
    MD5: 900c8ce6883f4d9418b9564dd2a52f0f
    SHA-256: e4d7851902748868bbc5f2e58b3b734e070450158623730f48f107b2fbf2f520
    Size: 1.60 MB

Asianux Server 8 for x86_64
  1. ldb-tools-2.1.3-2.el8.x86_64.rpm
    MD5: b9f3adcdb8411f744e5e789d9734dcb3
    SHA-256: 12dcda73ffcf4be8a9ce76b6ffd97573dd372b8d86f32b0693b14878461d3460
    Size: 57.10 kB
  2. libldb-2.1.3-2.el8.x86_64.rpm
    MD5: e1e6e268c93a9d63863327b48dfba816
    SHA-256: 239b78f9c60bdcb6cb514d5ec305ca4cf520a7143e755b5b1b06cfabac00f5a7
    Size: 177.02 kB
  3. libldb-devel-2.1.3-2.el8.x86_64.rpm
    MD5: 2e6141d615c9cb14c17b8a52c9e2cfd3
    SHA-256: 543c3a67e105ad7bcc761e3aa2d05421934a5081890c502ec753b81301a5facc
    Size: 84.00 kB
  4. python3-ldb-2.1.3-2.el8.x86_64.rpm
    MD5: 75fa61468079d00eebe190a0a08ccf06
    SHA-256: 770b5ff0449eb1fc3f185647907448ab977623d34b8f429e0fee1fac8922e79d
    Size: 62.96 kB
  5. libldb-2.1.3-2.el8.i686.rpm
    MD5: 0f700718649f990663f100c39a7819c9
    SHA-256: 895ccb44e1ab9dde75297721da109eb20fa7edca58fc7d951d34234ab61c33bf
    Size: 191.42 kB
  6. libldb-devel-2.1.3-2.el8.i686.rpm
    MD5: 015507a7c00fc787d8b6282362ee8618
    SHA-256: 57998bafb9ba3462bdc58110ff7c79be364991b24bd444296e0f48eddf6c1316
    Size: 84.02 kB
  7. python3-ldb-2.1.3-2.el8.i686.rpm
    MD5: e78c1d2ee4de1e8b928b2b8ba496cdf6
    SHA-256: f7994daa883e600815daad100e174f8b4319acd447f2e84107a1b31144df5544
    Size: 64.29 kB
Copyright© 2007-2015 Asianux. All rights reserved.