SUSE has issued an advisory today (May 16): https://lists.suse.com/pipermail/sle-security-updates/2022-May/011028.html The issue is fixed upstream in 2.6.2. Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 2.6.2
Whiteboard: (none) => MGA8TOO
Equivalent openSUSE advisory: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CWSTVPRK33YGMF7RXMFQT7ZGRDJ7P6Y5/
Assigning to our registered openldap maintainer
Assignee: bugsquad => bgmilne
CC: (none) => marja11
Ubuntu has issued an advisory for this today (May 17): https://ubuntu.com/security/notices/USN-5424-1
Fixed in openldap-2.4.59-4.mga9 for cauldron, and openldap-2.4.57-1.2.mga8 for MGA8 (uploaded to core/testing).
Status: NEW => ASSIGNED
CC: (none) => bgmilne
Assignee: bgmilne => qa-bugs
openldap-servers-2.4.57-1.2.mga8
openldap-doc-2.4.57-1.2.mga8
libldap2.4_2-devel-2.4.57-1.2.mga8
libldap2.4_2-static-devel-2.4.57-1.2.mga8
openldap-tests-2.4.57-1.2.mga8
openldap-clients-2.4.57-1.2.mga8
libldap2.4_2-2.4.57-1.2.mga8
openldap-back_bdb-2.4.57-1.2.mga8
openldap-back_mdb-2.4.57-1.2.mga8
openldap-testprogs-2.4.57-1.2.mga8
openldap-servers-devel-2.4.57-1.2.mga8
openldap-back_sql-2.4.57-1.2.mga8
openldap-2.4.57-1.2.mga8

from openldap-2.4.57-1.2.mga8.src.rpm
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)
Status comment: Fixed upstream in 2.6.2 => (none)
No installation issues. Referenced Bug27625 for tests:

# systemctl start slapd
# systemctl status slapd
● slapd.service - OpenLDAP Server Daemon
     Loaded: loaded (/usr/lib/systemd/system/slapd.service; disabled; vendor preset: disabled)
     Active: active (running) since Tue 2022-05-24 19:47:56 EDT; 1min 42s ago
    Process: 51523 ExecStartPre=/usr/share/openldap/scripts/ldap-config check (code=exited, status=0/SUCCESS)
    Process: 51566 ExecStart=/usr/sbin/slapd -u ${LDAP_USER} -g ${LDAP_GROUP} -h ${SLAPDURLLIST} -l ${SLAPDSYSLOGLOCALUSER>
   Main PID: 51567 (slapd)
      Tasks: 3 (limit: 9446)
     Memory: 3.2M
        CPU: 87ms
     CGroup: /system.slice/slapd.service
             └─51567 /usr/sbin/slapd -u ldap -g ldap -h ldap:/// ldapi:/// -l local4 -s 0

May 24 19:47:56 localhost.localdomain systemd[1]: Starting OpenLDAP Server Daemon...
May 24 19:47:56 localhost.localdomain ldap-config[51523]: Checking config file /etc/openldap/slapd.conf: [ OK ]
May 24 19:47:56 localhost.localdomain systemd[1]: Started OpenLDAP Server Daemon.

$ ldapsearch -x -b '' -s base supportedFeatures
# extended LDIF
#
# LDAPv3
# base <> with scope baseObject
# filter: (objectclass=*)
# requesting: supportedFeatures
#

#
dn:
supportedFeatures: 1.3.6.1.1.14
supportedFeatures: 1.3.6.1.4.1.4203.1.5.1
supportedFeatures: 1.3.6.1.4.1.4203.1.5.2
supportedFeatures: 1.3.6.1.4.1.4203.1.5.3
supportedFeatures: 1.3.6.1.4.1.4203.1.5.4
supportedFeatures: 1.3.6.1.4.1.4203.1.5.5

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

$ make -C /usr/share/openldap/tests test

started a very long battery of tests. I watched as information flew by in the terminal, didn't see any errors, saw "test succeeded" many times.

Seems to be working OK. Validating.
CC: (none) => andrewsfarm, sysadmin-bugs
Whiteboard: (none) => MGA8-64-OK
Keywords: (none) => validated_update
Keywords: (none) => advisory
CC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0205.html
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED