* SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls
- openldap-2.4.22-CVE-2010-0211-modrdn_check_error.patch:
- check return for errors and clean up uninitialized data
- openldap-2.4.22-CVE-2010-0212-modrdn_null_deref.patch:
- return error on 0-length or binary RDNs
- CVE-2010-0211, CVE-2010-0212
This is a security problem because it stop an package which has security problems from being updated.
Package: slapd (2.4.15-1ubuntu3.1) [security]
from package changelog:
openldap (2.4.15-1ubuntu3.1) jaunty-security; urgency=low
* SECURITY UPDATE: null ptr deref, free uninitialized data in modrdn calls 2.4.22- CVE-2010- 0211-modrdn_ check_error. patch: 2.4.22- CVE-2010- 0212-modrdn_ null_deref. patch:
- openldap-
- check return for errors and clean up uninitialized data
- openldap-
- return error on 0-length or binary RDNs
- CVE-2010-0211, CVE-2010-0212
-- Steve Beattie <email address hidden> Wed, 28 Jul 2010 23:28:31 -0700