Login
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in unboundid-ldapsdk
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in unboundid-ldapsdk
ID: FEDORA-2018-c188d3f09a
Distribution: Fedora
Plattformen: Fedora 26
Datum: Do, 29. März 2018, 22:37
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000134
Applikationen: unboundid-ldapsdk

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-c188d3f09a
2018-03-29 15:52:12.354046
-------------------------------------------------------------------------------
-

Name : unboundid-ldapsdk
Product : Fedora 26
Version : 4.0.5
Release : 1.fc26
URL : https://www.ldap.com/unboundid-ldap-sdk-for-java
Summary : UnboundID LDAP SDK for Java
Description :
The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and
completely free Java library for communicating with LDAP directory servers and
performing related tasks like reading and writing LDIF, encoding and
decoding data using base64 and ASN.1 BER, and performing secure communication.

-------------------------------------------------------------------------------
-
Update Information:

Rebase package(s) to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5
release of the UnboundID LDAP SDK for Java. A blog post has been written
covering the details of this CVE and is available at
https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-
java/ Further bugfixing and improvements are detailed in 4.0.5 release notes
at
https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1557531 - CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access
Control vulnerability in process function in SimpleBindRequest class
https://bugzilla.redhat.com/show_bug.cgi?id=1557531
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade unboundid-ldapsdk' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung