Debian has issued an advisory on April 28: https://www.debian.org/security/2020/dsa-4666 The issue is fixed upstream in 2.4.50.
Blocks: (none) => 24076Status comment: (none) => Fixed upstream in 2.4.50
Considering the rest of the bugfixes[1],[2],[3] (not addressed by individual patches), I am leaning towards updating to 2.4.50 instead of just applying/backporting patches[4]. 1. https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/NQ6OHLWNVRKIJU3HI5YGGAZL54H2RB73/ 2. https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/VMMBUCQHEDF6QA4CDOONP2CDQEOR5YQA/ 3. https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/FUOYA6YCHBXMLANBJMSO22JD2NB22WGC/ 4. https://git.openldap.org/openldap/openldap/-/commit/d38d48fc8f572dedfb67b9da61a2ba3b125ced91
Status: NEW => ASSIGNED
Sounds reasonable. Don't forget to address Bug 24076.
openldap-2.4.50-1.1.mga7.src.rpm submitted to updates_testing for MGA7, after some local testing. All tests from openldap-tests also passed running locally.
CC: (none) => bgmilneAssignee: bgmilne => bugsquad
Advisory: ======================== Updated openldap packages fix security vulnerabilities: When both the nops module and the member of overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation (CVE-2017-17740). In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash) (CVE-2020-12243). The nops overlay has been dropped from the package, fixing CVE-2017-17740. The openldap package has been updated to version 2.4.50, fixing CVE-2020-12243 and several other bugs. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17740 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12243 https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/NQ6OHLWNVRKIJU3HI5YGGAZL54H2RB73/ https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/VMMBUCQHEDF6QA4CDOONP2CDQEOR5YQA/ https://lists.openldap.org/hyperkitty/list/openldap-announce@openldap.org/thread/FUOYA6YCHBXMLANBJMSO22JD2NB22WGC/ https://lists.opensuse.org/opensuse-updates/2019-09/msg00113.html https://www.debian.org/security/2020/dsa-4666 ======================== Updated packages in core/updates_testing: ======================== openldap-2.4.50-1.1.mga7 openldap-servers-2.4.50-1.1.mga7 openldap-servers-devel-2.4.50-1.1.mga7 openldap-clients-2.4.50-1.1.mga7 libldap2.4_2-2.4.50-1.1.mga7 libldap2.4_2-devel-2.4.50-1.1.mga7 libldap2.4_2-static-devel-2.4.50-1.1.mga7 openldap-back_sql-2.4.50-1.1.mga7 openldap-back_bdb-2.4.50-1.1.mga7 openldap-back_mdb-2.4.50-1.1.mga7 openldap-doc-2.4.50-1.1.mga7 openldap-tests-2.4.50-1.1.mga7 openldap-testprogs-2.4.50-1.1.mga7 from openldap-2.4.50-1.1.mga7.src.rpm
Assignee: bugsquad => qa-bugsStatus comment: Fixed upstream in 2.4.50 => (none)
Addendum to references: https://bugs.mageia.org/show_bug.cgi?id=24076 https://bugs.mageia.org/show_bug.cgi?id=26569
MGA7-64 Plasma on Lenovo B50 No installation issues. Ref bug 25286 Comment 5 and 6 for testing. At CLI: # systemctl start slapd # systemctl -l status slapd ● slapd.service - OpenLDAP Server Daemon Loaded: loaded (/usr/lib/systemd/system/slapd.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2020-05-04 13:48:05 CEST; 17s ago Process: 14744 ExecStartPre=/usr/share/openldap/scripts/ldap-config check (code=exited, status=0/SUCCESS) Process: 14782 ExecStart=/usr/sbin/slapd -u ${LDAP_USER} -g ${LDAP_GROUP} -h ${SLAPDURLLIST} -l ${SLAPDSYSLOGLOCALUSER} > Main PID: 14783 (slapd) Tasks: 3 (limit: 4915) Memory: 4.3M CGroup: /system.slice/slapd.service └─14783 /usr/sbin/slapd -u ldap -g ldap -h ldap:/// ldapi:/// -l local4 -s 0 May 04 13:48:04 mach5.hviaene.thuis systemd[1]: Starting OpenLDAP Server Daemon... May 04 13:48:04 mach5.hviaene.thuis su[14752]: (to ldap) root on none May 04 13:48:05 mach5.hviaene.thuis su[14752]: pam_unix(su:session): session opened for user ldap by (uid=0) May 04 13:48:05 mach5.hviaene.thuis su[14752]: pam_unix(su:session): session closed for user ldap May 04 13:48:05 mach5.hviaene.thuis ldap-config[14744]: Checking config file /etc/openldap/slapd.conf: [ OK ] May 04 13:48:05 mach5.hviaene.thuis systemd[1]: Started OpenLDAP Server Daemon. $ ldapsearch -x -b '' -s base supportedControl # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: supportedControl # # dn: supportedControl: 2.16.840.1.113730.3.4.18 supportedControl: 2.16.840.1.113730.3.4.2 supportedControl: 1.3.6.1.4.1.4203.1.10.1 supportedControl: 1.3.6.1.1.22 supportedControl: 1.2.840.113556.1.4.319 supportedControl: 1.2.826.0.1.3344810.2.3 supportedControl: 1.3.6.1.1.13.2 supportedControl: 1.3.6.1.1.13.1 supportedControl: 1.3.6.1.1.12 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 $ ldapsearch -x -b '' -s base supportedFeatures # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: supportedFeatures # # dn: supportedFeatures: 1.3.6.1.1.14 supportedFeatures: 1.3.6.1.4.1.4203.1.5.1 supportedFeatures: 1.3.6.1.4.1.4203.1.5.2 supportedFeatures: 1.3.6.1.4.1.4203.1.5.3 supportedFeatures: 1.3.6.1.4.1.4203.1.5.4 supportedFeatures: 1.3.6.1.4.1.4203.1.5.5 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 $ ldapsearch -x -b '' -s base supportedExtension # extended LDIF # # LDAPv3 # base <> with scope baseObject # filter: (objectclass=*) # requesting: supportedExtension # # dn: supportedExtension: 1.3.6.1.4.1.1466.20037 supportedExtension: 1.3.6.1.4.1.4203.1.11.1 supportedExtension: 1.3.6.1.4.1.4203.1.11.3 supportedExtension: 1.3.6.1.1.8 # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 $ make -C /usr/share/openldap/tests test runs for more than 30 min., no errors noticed OK for me
CC: (none) => herman.viaeneWhiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 4.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
And Comment 5.
CC: (none) => tmbKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0200.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED