Overview

File _patchinfo of Package patchinfo.23628

<patchinfo incident="23628">
  <issue tracker="bnc" id="1191157">L3-Question: Windows doamin works with TLS 1.1 or TLS 1.2, but NOT with TLS 1.3</issue>
  <issue tracker="bnc" id="1197004">Possible regression openldap2</issue>
  <issue tracker="bnc" id="1199240">VUL-0: CVE-2022-29155: openldap2: SQL injection in the back-sql backend to slapd</issue>
  <issue tracker="cve" id="2022-29155"/>
  <issue tracker="jsc" id="PM-3288"/>
  <packager>firstyear</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openldap2</summary>
  <description>This update for openldap2 fixes the following issues:

Security:
- CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

Bugfixes:
- allow specification of max/min TLS version with TLS1.3 (bsc#1191157)
- libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol
  resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004)
- restore CLDAP functionality in CLI tools (jsc#PM-3288)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places