Summary: | net-nds/openldap: Long list of acceptable CA names breaks encryption | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ldap-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openldap.org/software/release/changes.html | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2017-05-20 08:39:18 UTC
@maintainer(s): A patch is available: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=7b5181da8cdd47a13041f9ee36fa9590a0fa6e48. It has been merged in debian version 2.4.45+dfsg-1. Demetris Nakos -- Gentoo Security Padawan -- this is probably fixed in current stable versions (In reply to Pacho Ramos from comment #2) > this is probably fixed in current stable versions Patch: https://git.openldap.org/openldap/openldap/-/commit/7b5181da8cdd47a13041f9ee36fa9590a0fa6e48 looks like it landed in 2.4.46: >Fixed libldap GnuTLS with GNUTLS_E_AGAIN (ITS#8650) so tree is clean. GLSA Vote: No Thank you all for you work. Closing as [noglsa]. |