[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability
- From: hyc@symas.com
- Date: Thu, 10 Sep 2015 23:40:39 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
Michael Ströder wrote:
> hyc@symas.com wrote:
>> Thanks for the report. Fixed now in git master.
>
> Thanks for this quick fix.
>
> Could this also affect LDAP clients using libldap?
The assert was in liblber. Since libldap uses liblber, yes, it can affect clients.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/