File _patchinfo of Package patchinfo.15454
<patchinfo incident="15454">
<issue tracker="bnc" id="1172698">VUL-0: EMBARGOED: CVE-2020-8023: openldap2: Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND="ldap"</issue>
<issue tracker="bnc" id="1172704">AUDIT-FIND: openldap: non-root owned file under /usr/lib</issue>
<issue tracker="cve" id="2020-8023"/>
<packager>firstyear</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for openldap2</summary>
<description>This update for openldap2 fixes the following issues:
- CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used (bsc#1172698).
- Changed DB_CONFIG to root:ldap permissions (bsc#1172704).
</description>
</patchinfo>