File _patchinfo of Package patchinfo.13049

<patchinfo incident="13049">
  <issue tracker="bnc" id="1172698">VUL-0: EMBARGOED: CVE-2020-8023: openldap2: Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND="ldap"</issue>
  <issue tracker="bnc" id="1172704">AUDIT-FIND: openldap: non-root owned file under /usr/lib</issue>
  <issue tracker="cve" id="2020-8023"/>
  <packager>firstyear</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openldap2</summary>
  <description>This update for openldap2 fixes the following issues:

- CVE-2020-8023: Fixed a potential local privilege escalation from ldap to root when OPENLDAP_CONFIG_BACKEND="ldap" was used (bsc#1172698).	  
- Changed DB_CONFIG to root:ldap permissions (bsc#1172704).

This update was imported from the SUSE:SLE-15:Update update project.</description>
</patchinfo>
openSUSE Build Service is sponsored by