Debian: CVE-2022-29155: openldap: OpenLDAP SQL injection
Bug #1982723 reported by
Zhixiong Chi
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
Zhixiong Chi |
Bug Description
Brief Description
-----------------
Now the CVE-2022-29155 affects the starlingx debian project, the openldap package version is
2.4.57+dfsg-3
Severity
--------
Major
Steps to Reproduce
------------------
N/A
Expected Behavior
------------------
The version of openldap is up to 2.4.57+
Actual Behavior
----------------
The version of openldap now is 2.4.57+dfsg-3.
Reproducibility
---------------
100%
System Configuration
-------
ALL debian starlingx node.
Branch/Pull Time/Commit
-------
master
Last Pass
---------
N/A
Timestamp/Logs
--------------
N/A
Test Activity
-------------
N/A
Workaround
----------
N/A
CVE References
Changed in starlingx: | |
assignee: | nobody → Zhixiong Chi (zhixiongchi) |
status: | New → In Progress |
tags: | added: stx.security |
tags: | added: stx.8.0 |
Changed in starlingx: | |
importance: | Undecided → High |
tags: | added: stx.debian |
summary: |
- openldap: CVE-2022-29155 + Debian: CVE-2022-29155: openldap: OpenLDAP SQL injection |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/starlingx /integ/ +/850854
Review: https:/