openldap-2.4.44-25.el7
エラータID: AXSA:2022-3084:01
リリース日:
2022/02/24 Thursday - 12:17
題名:
openldap-2.4.44-25.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- openldap には、攻撃者が送信した悪意のあるパケットを openldap の slapd
サーバーが処理することで、アサーションの失敗を誘発し、システムの可用性に悪影響を
及ぼす脆弱性があります。(CVE-2020-25709)
- openldap には、攻撃者が送信した悪意のあるパケットを処理することにより、
csnNormalize23() のアサーションが強制的に失敗させられ、システムの可用性に悪影響を
及ぼす脆弱性があります。(CVE-2020-25710)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-25709
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability.
CVE-2020-25710
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability.
追加情報:
N/A
ダウンロード:
SRPMS
- openldap-2.4.44-25.el7.src.rpm
MD5: 829e44ca17ac4362cfd9c22e90ace2f4
SHA-256: 4b4b3d3fc5ee99795ce5d1563000a4643855a713ee3d3b288282168a7e6882e9
Size: 5.51 MB
Asianux Server 7 for x86_64
- openldap-2.4.44-25.el7.x86_64.rpm
MD5: 752eb7bc1f13109466f52217c7130a28
SHA-256: 0ba725e65fc56cef39b7cdcecb11978de147e95ed20227252ba6211ade45c61b
Size: 355.39 kB - openldap-clients-2.4.44-25.el7.x86_64.rpm
MD5: d39693ad4193cd45872c8ad01f5cf63e
SHA-256: fefd8b0064dfda0844e1dbd72dc4f603101724b8b7bed934bcb1949317865189
Size: 190.25 kB - openldap-devel-2.4.44-25.el7.x86_64.rpm
MD5: c405f378ad50b7fea2b2de72cdd31b26
SHA-256: 886b0c8b143a6fce3cf9c7154cc303e602098c4b25d9860e5401d4a3acaef3de
Size: 803.73 kB - openldap-servers-2.4.44-25.el7.x86_64.rpm
MD5: 5fa3b48c5f4fff7727333cb8cdb6728c
SHA-256: 814c13a1fb4e83c5521a8fc6ffe9b3780fe861527be953ac3cafc519ba33e356
Size: 2.17 MB - openldap-2.4.44-25.el7.i686.rpm
MD5: aefaab09182597d2e0775a341aa0d781
SHA-256: ce398144a26d9e930a1de55dce876350f1e410ff1a1bc381524780daa6201b71
Size: 354.22 kB - openldap-devel-2.4.44-25.el7.i686.rpm
MD5: bd6eb859f7d20fe099639ffedfae6498
SHA-256: bfd72a1dc96b3bb24dafce2c398e5ee21349c6361c3cf6761340df0b38d176ac
Size: 803.73 kB
English