This bug was fixed in the package openldap - 2.4.23-6ubuntu6
--------------- openldap (2.4.23-6ubuntu6) natty; urgency=low
* SECURITY UPDATE: fix successful anonymous bind via chain overlay when using forwarded authentication failures - debian/patches/CVE-2011-1024 - CVE-2011-1024 * SECURITY UPDATE: verify password when authenticating to rootdn and using ndb backend. Note: Ubuntu is not compiled with --enable-ndb by default - debian/patches/CVE-2011-1025 - CVE-2011-1025 * SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests and requestDN is empty - debian/patches/CVE-2011-1081 - CVE-2011-1081 - LP: #742104 -- Jamie Strandboge <email address hidden> Thu, 07 Apr 2011 11:36:53 -0500
This bug was fixed in the package openldap - 2.4.23-6ubuntu6
---------------
openldap (2.4.23-6ubuntu6) natty; urgency=low
* SECURITY UPDATE: fix successful anonymous bind via chain overlay when patches/ CVE-2011- 1024 patches/ CVE-2011- 1025 patches/ CVE-2011- 1081
using forwarded authentication failures
- debian/
- CVE-2011-1024
* SECURITY UPDATE: verify password when authenticating to rootdn and using ndb
backend. Note: Ubuntu is not compiled with --enable-ndb by default
- debian/
- CVE-2011-1025
* SECURITY UPDATE: fix DoS when processing unauthenticated modrdn requests
and requestDN is empty
- debian/
- CVE-2011-1081
- LP: #742104
-- Jamie Strandboge <email address hidden> Thu, 07 Apr 2011 11:36:53 -0500