Information on source package openldap

Available versions

ReleaseVersion
buster2.4.47+dfsg-3+deb10u7
bullseye2.4.57+dfsg-3+deb11u1
bookworm2.5.13+dfsg-5
trixie2.5.13+dfsg-5
sid2.5.16+dfsg-2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-2953vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedA vulnerability was found in openldap. This security flaw causes a nul ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2020-15719vulnerablevulnerablevulnerablevulnerablevulnerablelibldap in certain third-party OpenLDAP packages has a certificate-val ...
CVE-2017-17740vulnerablevulnerablevulnerablevulnerablevulnerablecontrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when bot ...
CVE-2017-14159vulnerablevulnerablevulnerablevulnerablevulnerableslapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping ...
CVE-2015-3276vulnerablevulnerablevulnerablevulnerablevulnerableThe nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDA ...

Resolved issues

BugDescription
TEMP-0253838-2AD268Minor local DoS as libldap
CVE-2022-31253A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory ...
CVE-2022-29155In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection ...
CVE-2021-27212In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion ...
CVE-2020-36230A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertio ...
CVE-2020-36229A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 lead ...
CVE-2020-36228An integer underflow was discovered in OpenLDAP before 2.4.57 leading ...
CVE-2020-36227A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite ...
CVE-2020-36226A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv ...
CVE-2020-36225A flaw was discovered in OpenLDAP before 2.4.57 leading to a double fr ...
CVE-2020-36224A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid ...
CVE-2020-36223A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd cra ...
CVE-2020-36222A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertio ...
CVE-2020-36221An integer underflow was discovered in OpenLDAP before 2.4.57 leading ...
CVE-2020-25710A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allo ...
CVE-2020-25709A flaw was found in OpenLDAP. This flaw allows an attacker who can sen ...
CVE-2020-25692A NULL pointer dereference was found in OpenLDAP server and was fixed ...
CVE-2020-12243In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters wi ...
CVE-2019-13565An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL ...
CVE-2019-13057An issue was discovered in the server in OpenLDAP before 2.4.48. When ...
CVE-2017-9287servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to ...
CVE-2016-4984/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets ...
CVE-2015-6908The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 ...
CVE-2015-1546Double free vulnerability in the get_vrFilter function in servers/slap ...
CVE-2015-1545The deref_parseCtrl function in servers/slapd/overlays/deref.c in Open ...
CVE-2014-9713The default slapd configuration in the Debian openldap package 2.4.23- ...
CVE-2014-8182An off-by-one error leading to a crash was discovered in openldap 2.4 ...
CVE-2013-4449The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not prope ...
CVE-2012-2668libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, wh ...
CVE-2012-1164slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a den ...
CVE-2011-4079Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.2 ...
CVE-2011-1081modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attack ...
CVE-2011-1025bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require ...
CVE-2011-1024chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-sl ...
CVE-2010-0212OpenLDAP 2.4.22 allows remote attackers to cause a denial of service ( ...
CVE-2010-0211The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not ...
CVE-2009-3767libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other ...
CVE-2008-2952liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to ca ...

Security announcements

DSA / DLADescription
DLA-3017-1openldap - security update
DSA-5140-1openldap - security update
DLA-2574-1openldap - security update
DSA-4860-1openldap - security update
DSA-4845-1openldap - security update
DLA-2544-1openldap - security update
DLA-2481-1openldap - security update
DSA-4792-1openldap - security update
DLA-2425-1openldap - security update
DSA-4782-1openldap - security update
DLA-2199-1openldap - security update
DSA-4666-1openldap - security update
DLA-1891-1openldap - security update
DLA-972-1openldap - security update
DSA-3868-1openldap - security update
DLA-309-1openldap - security update
DSA-3356-1openldap - security update
DLA-203-1openldap - security update
DSA-3209-1openldap - security update
DSA-2077-1openldap - potential code execution
DSA-1943-1openldap openldap2.3 - SSL certificate

Search for package or bug name: Reporting problems