Bug 51183

Summary:	openldap: security issue (4.4)
Product:	UCS	Reporter:	Arvid Requate <requate>
Component:	Security updates	Assignee:	Arvid Requate <requate>
Status:	CLOSED FIXED	QA Contact:	Erik Damrose <damrose>
Severity:	normal
Priority:	P5	CC:	best, damrose
Version:	UCS 4.4
Target Milestone:	UCS 4.4-4-errata
Hardware:	Other
OS:	Linux
What kind of report is it?:	Security Issue	What type of bug is this?:	---
Who will be affected by this bug?:	---	How will those affected feel about the bug?:	---
User Pain:		Enterprise Customer affected?:
School Customer affected?:		ISV affected?:
Waiting Support:		Flags outvoted (downgraded) after PO Review:
Ticket number:		Bug group (optional):
Max CVSS v3 score:	7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Bug Depends on:
Bug Blocks:	51188
Attachments:	https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440.patch

Description Arvid Requate

2020-04-29 10:38:04 CEST

As a followup to CVE-2020-10704 (Bug 51121) OpenLDAP has released version 2.4.50 which fixes the same issue in slapd (CVE-2020-12243).

Upstream Bug: https://bugs.openldap.org/show_bug.cgi?id=9202

Comment 1 Arvid Requate

2020-04-29 11:08:30 CEST

Created attachment 10341 [details]
https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440.patch

Comment 2 Arvid Requate

2020-04-29 15:57:02 CEST

r18826 | Upstream patch
r18827 | Source package patch must have .quilt file suffix
9dcb15eb01 | Advisory

Package: openldap
Version: 2.4.45+dfsg-1~bpo9+1A~4.4.0.202004291153
Branch: ucs_4.4-0
Scope: errata4.4-4

Comment 3 Erik Damrose

2020-05-12 11:00:04 CEST

OK: yaml
OK: announce_errata
OK: patch
OK~: piuparts; Report from piuparts shows "Processes are running inside chroot", but this is the case for previous openldap package builds as well
Verified

Comment 4 Erik Damrose

2020-05-13 15:28:25 CEST

<http://errata.software-univention.de/ucs/4.4/591.html>