Overview

File _patchinfo of Package patchinfo.9556

<patchinfo incident="9556">
  <issue tracker="bnc" id="1073313">VUL-0: CVE-2017-17740: openldap2: contrib/slapd-modules/nops/nops.c, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack</issue>
  <issue tracker="cve" id="2017-17740"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>ckowalczyk</packager>
  <description>This update for openldap2 fixes the following issues:

Security issue fixed:

- CVE-2017-17740: When both the nops module and the memberof overlay
  are enabled, attempts to free a buffer that was allocated on the stack,
  which allows remote attackers to cause a denial of service (slapd crash)
  via a member MODDN operation.  (bsc#1073313)
</description>
  <summary>Security update for openldap2</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places