Ubuntu alert USN-634-1 (openldap2.2, openldap2.3)

From:  Kees Cook <kees@ubuntu.com>
To:  ubuntu-security-announce@lists.ubuntu.com
Subject:  [USN-634-1] OpenLDAP vulnerability
Date:  Fri, 1 Aug 2008 08:27:01 -0700
Message-ID:  <20080801152701.GF21348@outflux.net>
Cc:  bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk

===========================================================
Ubuntu Security Notice USN-634-1            August 01, 2008
openldap2.2, openldap2.3 vulnerability
CVE-2008-2952
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  slapd                           2.2.26-5ubuntu2.8

Ubuntu 7.04:
  slapd                           2.3.30-2ubuntu0.3

Ubuntu 7.10:
  slapd                           2.3.35-1ubuntu0.3

Ubuntu 8.04 LTS:
  slapd                           2.4.9-0ubuntu0.8.04.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Cameron Hotchkies discovered that OpenLDAP did not correctly handle
certain ASN.1 BER data. A remote attacker could send a specially crafted
packet and crash slapd, leading to a denial of service.


Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds