[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability
From: hyc@symas.com
Date: Thu, 10 Sep 2015 23:40:39 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Michael StrÃ¶der wrote:
> hyc@symas.com wrote:
>> Thanks for the report. Fixed now in git master.
>
> Thanks for this quick fix.
>
> Could this also affect LDAP clients using libldap?

The assert was in liblber. Since libldap uses liblber, yes, it can affect clients.

-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: Re: (ITS#8240) OpenLDAP ber_get_next denial of service vulnerability
Next by Date: ITS#8240
Index(es):
- Chronological
- Thread