[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#9124) Unauthenticated remote denial-of-service (Null pointer dereference in ber_skip_tag)

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#9124) Unauthenticated remote denial-of-service (Null pointer dereference in ber_skip_tag)
From: hyc@symas.com
Date: Fri, 29 Nov 2019 15:50:07 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

stephan@srlabs.de wrote:
> Note: After Cyrus SASL fixes the other issue #9123, I will request CVE id=
> 's for the two bugs and share them as a reference in the relevant issues =
> (#9123, #9124)

Usual practice for CVEs is not to make them public until fixes are released. In the
future, you should tick the Major Security Issue button for potential CVEs so they
can be handled privately before release.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: Re: (ITS#9124) Unauthenticated remote denial-of-service (Null pointer dereference in ber_skip_tag)
Next by Date: Re: (ITS#9124) Unauthenticated remote denial-of-service (Null pointer dereference in ber_skip_tag)
Index(es):
- Chronological
- Thread