openldap-2.4.40-6.AXS4
エラータID: AXSA:2015-502:02
リリース日:
2015/09/30 Wednesday - 11:29
題名:
openldap-2.4.40-6.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- OpenLDAP の libraries/liblber/io.c の ber_get_next 関数には,
巧妙に細工された BER データによって,リモートの攻撃者がサービス拒否
(到達可能なアサーションとアプリケーションのクラッシュ) を引き起こす
脆弱性があります。(CVE-2015-6908)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2015-6908
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd.
追加情報:
N/A
ダウンロード:
SRPMS
- openldap-2.4.40-6.AXS4.src.rpm
MD5: 3593a204c69ee58af8ab87496a42ea44
SHA-256: ccaabe5c74abb108df537cd427cff62a9c49eb457009b300ae304ca681856dd5
Size: 5.46 MB
Asianux Server 4 for x86
- openldap-2.4.40-6.AXS4.i686.rpm
MD5: 88f8050b4799775d9c4597fe474dd9e8
SHA-256: df288537df65313d0324d2ab1436a6bad4c1632e52a91d1ce4a16a21c062f51e
Size: 283.69 kB - openldap-clients-2.4.40-6.AXS4.i686.rpm
MD5: 01ced61ed4019ccd4d46328940d57c51
SHA-256: 0a2ae672c6040ea9768eb09ffe0370e4fea81b92d7039d607af5d5605ef505d6
Size: 157.21 kB - openldap-devel-2.4.40-6.AXS4.i686.rpm
MD5: 6729a11ca08d652a982dd417e0872cb9
SHA-256: 6cbfe16c4eb50656c4ff5d35ade37c05db502c194d95baa9d0d4f8832eaf6f55
Size: 1.12 MB - openldap-servers-2.4.40-6.AXS4.i686.rpm
MD5: 70378586ea9915f556d742f9855ea2e9
SHA-256: 8022b2adc272f4c91b342c82bafca8f10aa1fb8d8391bdde6ccf55e1fe68b6c6
Size: 2.02 MB
Asianux Server 4 for x86_64
- openldap-2.4.40-6.AXS4.x86_64.rpm
MD5: 13b771f16ad2c685efbb30c9df62e8cc
SHA-256: ca1e0608a46816bd747c0854c9fad19392f45af1941de0aeebacd10b53f9d3bb
Size: 281.60 kB - openldap-clients-2.4.40-6.AXS4.x86_64.rpm
MD5: b88fd46c39fa8b48d43ffad25f217744
SHA-256: 4dee43bc7d29d5d9c1ac551946467ce9214dcb2d0b07bf666138ca139de76f84
Size: 162.60 kB - openldap-devel-2.4.40-6.AXS4.x86_64.rpm
MD5: e2c9d2851ec5e0220908b3a8b33945bb
SHA-256: 56c9580b82e2bcd0efda14f6c0c9145220959a63118d2e76806f7c8da592d061
Size: 1.11 MB - openldap-servers-2.4.40-6.AXS4.x86_64.rpm
MD5: 202506d45c0a14dbf3c34142035aa96f
SHA-256: 221762c3148b7112dc485a8215d76405a23c2ab2c4e6a89717cd85b33eaabe85
Size: 2.02 MB - openldap-2.4.40-6.AXS4.i686.rpm
MD5: 88f8050b4799775d9c4597fe474dd9e8
SHA-256: df288537df65313d0324d2ab1436a6bad4c1632e52a91d1ce4a16a21c062f51e
Size: 283.69 kB - openldap-devel-2.4.40-6.AXS4.i686.rpm
MD5: 6729a11ca08d652a982dd417e0872cb9
SHA-256: 6cbfe16c4eb50656c4ff5d35ade37c05db502c194d95baa9d0d4f8832eaf6f55
Size: 1.12 MB