[SUSE-SU-2016:0224-1] Security update for openldap2

Severity Important
Affected Packages 34
CVEs 2

Security update for openldap2

This update fixes the following security issues:

  • CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. (bsc#945582)
  • CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. (bsc#937766)

It also fixes the following non-security bugs:

  • bsc#955210: Unresponsive LDAP host lookups in IPv6 environment

This update adds the following functionality:

  • fate#319300: SHA2 password hashing module that can be loaded on-demand.

Package Affected Version
pkg:rpm/suse/openldap2?arch=x86_64&distro=sles-12&sp=1 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2?arch=x86_64&distro=sles-12 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2?arch=s390x&distro=sles-12&sp=1 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2?arch=s390x&distro=sles-12 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2?arch=ppc64le&distro=sles-12&sp=1 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2?arch=ppc64le&distro=sles-12 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sled-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sled-12 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=s390x&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=s390x&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=ppc64le&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-client?arch=ppc64le&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/openldap2-back-meta?arch=x86_64&distro=sles-12&sp=1 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2-back-meta?arch=x86_64&distro=sles-12 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2-back-meta?arch=s390x&distro=sles-12&sp=1 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2-back-meta?arch=s390x&distro=sles-12 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2-back-meta?arch=ppc64le&distro=sles-12&sp=1 < 2.4.41-18.13.4
pkg:rpm/suse/openldap2-back-meta?arch=ppc64le&distro=sles-12 < 2.4.41-18.13.4
pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sled-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sled-12 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=s390x&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=s390x&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=ppc64le&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2?arch=ppc64le&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sles-12 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sled-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sled-12 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2-32bit?arch=s390x&distro=sles-12&sp=1 < 2.4.41-18.13.1
pkg:rpm/suse/libldap-2_4-2-32bit?arch=s390x&distro=sles-12 < 2.4.41-18.13.1

ID: SUSE-SU-2016:0224-1
Severity: important
URL: https://www.suse.com/support/update/announcement/2016/suse-su-20160224-1/
Published: 2016-01-25T08:47:53
Modified: 2016-01-25T08:47:53
Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/suse/openldap2?arch=x86_64&distro=sles-12&sp=1 suse openldap2 < 2.4.41-18.13.4 sles-12 x86_64
Affected pkg:rpm/suse/openldap2?arch=x86_64&distro=sles-12 suse openldap2 < 2.4.41-18.13.4 sles-12 x86_64
Affected pkg:rpm/suse/openldap2?arch=s390x&distro=sles-12&sp=1 suse openldap2 < 2.4.41-18.13.4 sles-12 s390x
Affected pkg:rpm/suse/openldap2?arch=s390x&distro=sles-12 suse openldap2 < 2.4.41-18.13.4 sles-12 s390x
Affected pkg:rpm/suse/openldap2?arch=ppc64le&distro=sles-12&sp=1 suse openldap2 < 2.4.41-18.13.4 sles-12 ppc64le
Affected pkg:rpm/suse/openldap2?arch=ppc64le&distro=sles-12 suse openldap2 < 2.4.41-18.13.4 sles-12 ppc64le
Affected pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sles-12&sp=1 suse openldap2-client < 2.4.41-18.13.1 sles-12 x86_64
Affected pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sles-12 suse openldap2-client < 2.4.41-18.13.1 sles-12 x86_64
Affected pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sled-12&sp=1 suse openldap2-client < 2.4.41-18.13.1 sled-12 x86_64
Affected pkg:rpm/suse/openldap2-client?arch=x86_64&distro=sled-12 suse openldap2-client < 2.4.41-18.13.1 sled-12 x86_64
Affected pkg:rpm/suse/openldap2-client?arch=s390x&distro=sles-12&sp=1 suse openldap2-client < 2.4.41-18.13.1 sles-12 s390x
Affected pkg:rpm/suse/openldap2-client?arch=s390x&distro=sles-12 suse openldap2-client < 2.4.41-18.13.1 sles-12 s390x
Affected pkg:rpm/suse/openldap2-client?arch=ppc64le&distro=sles-12&sp=1 suse openldap2-client < 2.4.41-18.13.1 sles-12 ppc64le
Affected pkg:rpm/suse/openldap2-client?arch=ppc64le&distro=sles-12 suse openldap2-client < 2.4.41-18.13.1 sles-12 ppc64le
Affected pkg:rpm/suse/openldap2-back-meta?arch=x86_64&distro=sles-12&sp=1 suse openldap2-back-meta < 2.4.41-18.13.4 sles-12 x86_64
Affected pkg:rpm/suse/openldap2-back-meta?arch=x86_64&distro=sles-12 suse openldap2-back-meta < 2.4.41-18.13.4 sles-12 x86_64
Affected pkg:rpm/suse/openldap2-back-meta?arch=s390x&distro=sles-12&sp=1 suse openldap2-back-meta < 2.4.41-18.13.4 sles-12 s390x
Affected pkg:rpm/suse/openldap2-back-meta?arch=s390x&distro=sles-12 suse openldap2-back-meta < 2.4.41-18.13.4 sles-12 s390x
Affected pkg:rpm/suse/openldap2-back-meta?arch=ppc64le&distro=sles-12&sp=1 suse openldap2-back-meta < 2.4.41-18.13.4 sles-12 ppc64le
Affected pkg:rpm/suse/openldap2-back-meta?arch=ppc64le&distro=sles-12 suse openldap2-back-meta < 2.4.41-18.13.4 sles-12 ppc64le
Affected pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sles-12&sp=1 suse libldap-2_4-2 < 2.4.41-18.13.1 sles-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sles-12 suse libldap-2_4-2 < 2.4.41-18.13.1 sles-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sled-12&sp=1 suse libldap-2_4-2 < 2.4.41-18.13.1 sled-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2?arch=x86_64&distro=sled-12 suse libldap-2_4-2 < 2.4.41-18.13.1 sled-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2?arch=s390x&distro=sles-12&sp=1 suse libldap-2_4-2 < 2.4.41-18.13.1 sles-12 s390x
Affected pkg:rpm/suse/libldap-2_4-2?arch=s390x&distro=sles-12 suse libldap-2_4-2 < 2.4.41-18.13.1 sles-12 s390x
Affected pkg:rpm/suse/libldap-2_4-2?arch=ppc64le&distro=sles-12&sp=1 suse libldap-2_4-2 < 2.4.41-18.13.1 sles-12 ppc64le
Affected pkg:rpm/suse/libldap-2_4-2?arch=ppc64le&distro=sles-12 suse libldap-2_4-2 < 2.4.41-18.13.1 sles-12 ppc64le
Affected pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sles-12&sp=1 suse libldap-2_4-2-32bit < 2.4.41-18.13.1 sles-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sles-12 suse libldap-2_4-2-32bit < 2.4.41-18.13.1 sles-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sled-12&sp=1 suse libldap-2_4-2-32bit < 2.4.41-18.13.1 sled-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2-32bit?arch=x86_64&distro=sled-12 suse libldap-2_4-2-32bit < 2.4.41-18.13.1 sled-12 x86_64
Affected pkg:rpm/suse/libldap-2_4-2-32bit?arch=s390x&distro=sles-12&sp=1 suse libldap-2_4-2-32bit < 2.4.41-18.13.1 sles-12 s390x
Affected pkg:rpm/suse/libldap-2_4-2-32bit?arch=s390x&distro=sles-12 suse libldap-2_4-2-32bit < 2.4.41-18.13.1 sles-12 s390x