libldb-1.1.20-1.el7.2

エラータID: AXSA:2016-011:01

Release date: 
Friday, January 8, 2016 - 10:32
Subject: 
libldb-1.1.20-1.el7.2
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

An extensible library that implements an LDAP like API to access remote LDAP
servers, or use local tdb databases.

Security issues fixed with this release:

CVE-2015-3223
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24,
as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before
4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which
allows remote attackers to cause a denial of service (infinite loop)
via crafted packets.
CVE-2015-5330
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before
4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string
lengths, which allows remote attackers to obtain sensitive information
from daemon heap memory by sending crafted packets and then reading
(1) an error message or (2) a database value.

Solution: 

Update packages.

CVEs: 
CVE-2015-3223
The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets.
CVE-2015-5330
ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and then reading (1) an error message or (2) a database value.
Additional Info: 

N/A

Download: 

SRPMS
  1. libldb-1.1.20-1.el7.2.src.rpm
    MD5: 637edd5d91e2e89cef2c2307221a6e0f
    SHA-256: 0f1bc96848d55e6cb284c2b14998a98e9f7ab8d9b6553641162bafe2dd4b45db
    Size: 1.17 MB

Asianux Server 7 for x86_64
  1. libldb-1.1.20-1.el7.2.x86_64.rpm
    MD5: 7d5aa18309f133e3dcfc143201d8a813
    SHA-256: c2b47b9cfb586fba05a3611eddb0d4c47d4cbadd285918c153864f52ee86cd9b
    Size: 122.58 kB
  2. pyldb-1.1.20-1.el7.2.x86_64.rpm
    MD5: 03055227c174109c7a0ecc424c75fc69
    SHA-256: b0097adf81bbc69ec7328ca7a6ae7dd28782ae52a60b25640270ad169f1636c7
    Size: 36.45 kB
  3. libldb-1.1.20-1.el7.2.i686.rpm
    MD5: e4b9817f85262c5f6821c8d5f477f752
    SHA-256: d5cd7c40592a4a27672b8219ce6d578daedc8c2351dc3a1625e1dbea8118aa77
    Size: 123.58 kB
  4. pyldb-1.1.20-1.el7.2.i686.rpm
    MD5: ff7867d263790842cfb5ef00892a3032
    SHA-256: 9a04bef4b409ef33371921ecc01416dd90608a4ae2bb1e3e2936370cbafa9296
    Size: 35.51 kB