Overview

File _patchinfo of Package patchinfo.565

<patchinfo incident="565">
  <packager>hguo</packager>
  <issue tracker="bnc" id="905959">L3-Question: Are multiple "Connection 0" in a Multi Master setup normal ?</issue>
  <issue tracker="bnc" id="916897">VUL-0: CVE-2015-1545: openldap2: slapd crashes on search with deref control and empty attr list</issue>
  <issue tracker="bnc" id="916914">VUL-0: CVE-2015-1546: openldap2: slapd crash in valueReturnFilter cleanup</issue>
  <issue tracker="cve" id="CVE-2015-1545"></issue>
  <issue tracker="cve" id="CVE-2015-1546"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for openldap2</summary>
  <description>openldap2 was updated to fix two security issues and one non-security bug.

The following vulnerabilities were fixed:

* A remote attacker could cause a denial of service through a NULL pointer dereference and crash via an empty attribute list in a deref control in a search request. (bnc#916897 CVE-2015-1545)
* A remote attacker could cause a denial of service (crash) via a crafted search query with a matched values control. (bnc#916914 CVE-2015-1546) 

The following non-security issue was fixed:

* Prevent connection-0 (internal connection) from showing up in the monitor backend (bnc#905959)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places