Summary: | <net-nds/389-ds-base-1.4.4.13: information disclosure during the binding of a DN (CVE-2020-35518) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Förster <Dessa> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | chris, proxy-maint |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/19505 | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Förster
2021-02-17 18:52:09 UTC
Thank you for the report! Though please note we only set a version restriction in the summary once a fixed version is actually in tree. Redhat advisory: https://access.redhat.com/errata/RHSA-2021:0599 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=621368e61de5f83f5dae1b57b4ff006a6693b986 commit 621368e61de5f83f5dae1b57b4ff006a6693b986 Author: Robert Förster <Dessa@gmake.de> AuthorDate: 2021-02-17 16:38:46 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-02-22 15:03:29 +0000 net-nds/389-ds-base: remove vulnerable Bug: https://bugs.gentoo.org/771135 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Robert Förster <Dessa@gmake.de> Closes: https://github.com/gentoo/gentoo/pull/19505 Signed-off-by: Joonas Niilola <juippis@gentoo.org> net-nds/389-ds-base/389-ds-base-1.4.4.9.ebuild | 275 ------------------------- net-nds/389-ds-base/Manifest | 37 ---- 2 files changed, 312 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f50467b8b65e752dd92ab170955e9cdc021b4f58 commit f50467b8b65e752dd92ab170955e9cdc021b4f58 Author: Robert Förster <Dessa@gmake.de> AuthorDate: 2021-02-17 16:37:43 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2021-02-22 15:03:29 +0000 net-nds/389-ds-base: bump to 1.4.4.13 with fix for CVE-2020-35518 Bug: https://bugs.gentoo.org/771135 Package-Manager: Portage-3.0.14, Repoman-3.0.2 Signed-off-by: Robert Förster <Dessa@gmake.de> Signed-off-by: Joonas Niilola <juippis@gentoo.org> net-nds/389-ds-base/389-ds-base-1.4.4.13.ebuild | 304 +++++++++++++++++++++ net-nds/389-ds-base/Manifest | 65 +++++ .../files/389-ds-base-1.4.4.13-libxcrypt.patch | 66 +++++ 3 files changed, 435 insertions(+) Thank you! All done. |