Found in versions openldap/2.4.31-2+deb7u2, openldap/2.4.31-1, openldap/2.4.44+dfsg-4, openldap/2.4.40+dfsg-1, openldap/2.4.31-2, openldap/2.4.40+dfsg-1+deb8u2
Fixed in versions openldap/2.4.44+dfsg-5, openldap/2.4.40+dfsg-1+deb8u3
Acknowledgement sent
to Ryan Tandy <ryan@nardis.ca>:
New Bug report received and forwarded. Copy sent to Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>.
(Sun, 28 May 2017 16:51:04 GMT) (full text, mbox, link).
Subject: double free with Paged Results control and pagesize 0
Date: Sun, 28 May 2017 09:46:29 -0700
Package: slapd
Version: 2.4.44+dfsg-4
Severity: important
Tags: security fixed-upstream
Control: forwarded -1 http://www.openldap.org/its/?findid=8655
Control: found -1 2.4.40+dfsg-1+deb8u2
Control: found -1 2.4.31-2+deb7u2
Karsten Heymann discovered that a user with access to search the
directory can crash slapd by issuing a search including the Paged
Results control with a page size of 0. Opening a bug for tracking in
Debian now that the ITS is public.
Marked as found in versions openldap/2.4.40+dfsg-1+deb8u2.
Request was from Ryan Tandy <ryan@nardis.ca>
to submit@bugs.debian.org.
(Sun, 28 May 2017 16:51:04 GMT) (full text, mbox, link).
Marked as found in versions openldap/2.4.31-2+deb7u2.
Request was from Ryan Tandy <ryan@nardis.ca>
to submit@bugs.debian.org.
(Sun, 28 May 2017 16:51:05 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Ryan Tandy <ryan@nardis.ca>
to control@bugs.debian.org.
(Sun, 28 May 2017 18:15:02 GMT) (full text, mbox, link).
Reply sent
to Ryan Tandy <ryan@nardis.ca>:
You have taken responsibility.
(Sun, 28 May 2017 21:07:34 GMT) (full text, mbox, link).
Notification sent
to Ryan Tandy <ryan@nardis.ca>:
Bug acknowledged by developer.
(Sun, 28 May 2017 21:07:34 GMT) (full text, mbox, link).
Subject: Bug#863563: fixed in openldap 2.4.44+dfsg-5
Date: Sun, 28 May 2017 21:04:24 +0000
Source: openldap
Source-Version: 2.4.44+dfsg-5
We believe that the bug you reported is fixed in the latest version of
openldap, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 863563@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ryan Tandy <ryan@nardis.ca> (supplier of updated openldap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 28 May 2017 09:59:46 -0700
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-common libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.44+dfsg-5
Distribution: unstable
Urgency: medium
Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Changed-By: Ryan Tandy <ryan@nardis.ca>
Description:
ldap-utils - OpenLDAP utilities
libldap-2.4-2 - OpenLDAP libraries
libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
libldap-common - OpenLDAP common files for libraries
libldap2-dev - OpenLDAP development libraries
slapd - OpenLDAP server (slapd)
slapd-dbg - Debugging information for the OpenLDAP server (slapd)
slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Closes: 770890863563
Changes:
openldap (2.4.44+dfsg-5) unstable; urgency=medium
.
* debian/patches/ITS-8644-wait-for-slapd-to-start-in-test064.patch: Fix an
intermittently failing test by waiting for slapd to start before running
tests. (ITS#8644) (Closes: #770890)
* debian/patches/ITS-8655-paged-results-double-free.patch: Fix a double free
in the MDB backend on a search including the Paged Results control with a
page size of 0. (ITS#8655) (Closes: #863563)
Checksums-Sha1:
a3e9ec30f66aa4a9f50697aeaf2ad2f7a71de06b 2946 openldap_2.4.44+dfsg-5.dsc
8e0f9585d41e6ea1ef14b9b6cae007d18d257058 163740 openldap_2.4.44+dfsg-5.debian.tar.xz
Checksums-Sha256:
852cf740c7de619527923f49f2ab095278ebf1fbb0b28df1529ea8e6aa05d99a 2946 openldap_2.4.44+dfsg-5.dsc
d7c6de5c192341e43958b9f899fab68198c6592782980c78cd3b15267e20ef34 163740 openldap_2.4.44+dfsg-5.debian.tar.xz
Files:
fd7f7134138a6c04cc1520b8b37f2ca5 2946 net optional openldap_2.4.44+dfsg-5.dsc
292a9a58ad4f6c23f291cd616e7f53e5 163740 net optional openldap_2.4.44+dfsg-5.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJZKzT8AAoJEPNPCXROn13ZF/0QAMpY51y4IIRIGaDnJE/wDNUm
ofM7xHs6+GcchabjWXFeQEysjbA0SBBqMxEhqDBH2a1pXASzB2W0izkk7vpF9h+s
xk3QAVZWm5Vojh08l9f3Z9u5Uo5tFpzU3D9SGDWQfD+sI0I2XuODwThQYX3gVwMF
0bbkvQmmxXRDmjjBcrDCIQuKqXmo46ciYdRV0yanw1y//nOPtkfPL/4f5GQx+h6D
EP/vCNyXt2hCpjRTW8TeNSWKNTK4043tJjNVEPXd+wJzEJLI32df4IhBgBayqZxt
PXjmYuUAng9MuZiFTxaaNuYfmzc3Xji4CPtqn243XlzWgiT+c5CLuxcfjjs0RfZm
+9Z3vQnfieqEwOCNINvh7KIDp0V1cEgaVRD97E9zHKiTGVjDHwuu8RYbueYnndp5
A/hfFFz9NSvrs0OWJ5KBKa/wAivB41um8ZcdOxMH2tqWi/xeSU7c6FfiXoJddz6n
bszaCrgRmZNdUChD1V9bTOPFdu4FuY3c4rrAQ/UvzETTFUHij6g0XBdUlknjLjY4
zLgDOV/wkgQCN4WnMPkDwUa0Zygisr9d1t+3B8Mj3+DR+8FkefgwYurWtqwI/AAu
I5lAtyu0zldCPRSAc7BUwMjpeqdZDd8vkGIy0IjxJgN/Z9lfKAfOTiPRChnyCfNQ
4XgpprTcxkHx9zrritrU
=j2JG
-----END PGP SIGNATURE-----
Added tag(s) upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 29 May 2017 04:15:02 GMT) (full text, mbox, link).
Marked as found in versions openldap/2.4.40+dfsg-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 29 May 2017 04:15:05 GMT) (full text, mbox, link).
Marked as found in versions openldap/2.4.31-2.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 29 May 2017 04:15:07 GMT) (full text, mbox, link).
Marked as found in versions openldap/2.4.31-1.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 29 May 2017 08:15:05 GMT) (full text, mbox, link).
Changed Bug title to 'openldap: CVE-2017-9287: double free with Paged Results control and pagesize 0' from 'double free with Paged Results control and pagesize 0'.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Mon, 29 May 2017 17:03:05 GMT) (full text, mbox, link).
Reply sent
to Ryan Tandy <ryan@nardis.ca>:
You have taken responsibility.
(Sun, 11 Jun 2017 21:03:12 GMT) (full text, mbox, link).
Notification sent
to Ryan Tandy <ryan@nardis.ca>:
Bug acknowledged by developer.
(Sun, 11 Jun 2017 21:03:12 GMT) (full text, mbox, link).
Subject: Bug#863563: fixed in openldap 2.4.40+dfsg-1+deb8u3
Date: Sun, 11 Jun 2017 21:02:33 +0000
Source: openldap
Source-Version: 2.4.40+dfsg-1+deb8u3
We believe that the bug you reported is fixed in the latest version of
openldap, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 863563@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ryan Tandy <ryan@nardis.ca> (supplier of updated openldap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 28 May 2017 16:08:03 -0700
Source: openldap
Binary: slapd slapd-smbk5pwd ldap-utils libldap-2.4-2 libldap-2.4-2-dbg libldap2-dev slapd-dbg
Architecture: source
Version: 2.4.40+dfsg-1+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel@lists.alioth.debian.org>
Changed-By: Ryan Tandy <ryan@nardis.ca>
Closes: 863563
Description:
ldap-utils - OpenLDAP utilities
libldap-2.4-2 - OpenLDAP libraries
libldap-2.4-2-dbg - Debugging information for OpenLDAP libraries
libldap2-dev - OpenLDAP development libraries
slapd - OpenLDAP server (slapd)
slapd-dbg - Debugging information for the OpenLDAP server (slapd)
slapd-smbk5pwd - Keeps Samba and Kerberos passwords in sync within slapd.
Changes:
openldap (2.4.40+dfsg-1+deb8u3) jessie-security; urgency=high
.
* debian/patches/ITS-8655-paged-results-double-free.patch: Fix a double free
in the MDB backend on a search including the Paged Results control with a
page size of 0. (ITS#8655) (CVE-2017-9287) (Closes: #863563)
Checksums-Sha1:
dc7cb72188f4ec15c2e5fce875c8ed8ff1e20a9e 2990 openldap_2.4.40+dfsg-1+deb8u3.dsc
94705cf6bd8b8672590e5b33a55a59033948af42 180281 openldap_2.4.40+dfsg-1+deb8u3.diff.gz
Checksums-Sha256:
6e5877b1e071abdf613849689bff4bde15f8ac8dd4277a14cd30afb240052dd4 2990 openldap_2.4.40+dfsg-1+deb8u3.dsc
b6e7709cc75470bac1e6a797beed18c32ac97ac925932fad596a4921218b4d57 180281 openldap_2.4.40+dfsg-1+deb8u3.diff.gz
Files:
bb76beec77fb851d2843aa2e31eec72d 2990 net optional openldap_2.4.40+dfsg-1+deb8u3.dsc
4406d83fdc37a70ec72fd640a3c86115 180281 net optional openldap_2.4.40+dfsg-1+deb8u3.diff.gz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlktGvNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ES58P/3hV3y1WEhZ91PkDJeq3/cua9TyFGiIf
z5N3m/k5ia7DthDGXKkhQtGc9sd7eJ6Ea41HwPs2K737dTCOhjidZZSzNuGJY4mL
jLlDICG6RRT9xccgQZTkBnUKLcvn9LYmTrAINxRN6DjCI2xOSybMhLP5/ipxGRDx
neOCe3x7vUntTFOCX3Sq6LyLAprg9bkDRMlJ5UFeVINVVB4DC7gyNm+3D32YIjQT
ZFo3/2XuHusksQsN+3vwN8f1YpF1hCEzzWWqVMdGjf7tZoakog7yLxwaN7ujpLuF
VLB4OcVRrYSNzL6sVtDOYvzEzf6siq0yWevsHw3TRxPQDhYsrePEfmjg6pEI94hx
M88yo5uERhOn4KJWTk0ssPuZVYzyNCO49121xq9CP1TuU+oNFozz9xFTe7KUj3bi
65yA/Ihq/vr6QPCsqnDVPr/RJyW2f6Lx7ce6W/p6eRwp56QYhfKsvmze6RwigxGW
yX+RIf0lbd9QlNErlZmDHV5bNlmm4k/yNCD/XW44mkHQStTWZ83z9IPKEzc/F8EX
fIthHzTH6tBZ8ijSf6VPojE7Lo/IJwaymQnYNULUxQ8rm0/IP00op56seOyOp1Rw
gKMVhgk0MSBjJjmoE8dTmx3W2BZbuQW0ii08ig1feoIjmbbPaiMduhCwHiZcW2MC
RJGDq0aF/isE
=wjPe
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 10 Jul 2017 07:25:27 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.