[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability

Michael Ströder wrote:
> hyc@symas.com wrote:
>> Thanks for the report. Fixed now in git master.
> Thanks for this quick fix.
> Could this also affect LDAP clients using libldap?

The assert was in liblber. Since libldap uses liblber, yes, it can affect clients.

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/