drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in unboundid-ldapsdk
Name: |
Mangelnde Rechteprüfung in unboundid-ldapsdk |
|
ID: |
FEDORA-2018-e8635ed222 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 28 |
|
Datum: |
Fr, 30. März 2018, 20:59 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000134 |
|
Applikationen: |
unboundid-ldapsdk |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-e8635ed222 2018-03-30 12:38:03.467856 ------------------------------------------------------------------------------- -
Name : unboundid-ldapsdk Product : Fedora 28 Version : 4.0.5 Release : 1.fc28 URL : https://www.ldap.com/unboundid-ldap-sdk-for-java Summary : UnboundID LDAP SDK for Java Description : The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and completely free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communication.
------------------------------------------------------------------------------- - Update Information:
Rebase package(s) to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5 release of the UnboundID LDAP SDK for Java. A blog post has been written covering the details of this CVE and is available at https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for- java/ Further bugfixing and improvements are detailed in 4.0.5 release notes at https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5 ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1557531 - CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class https://bugzilla.redhat.com/show_bug.cgi?id=1557531 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade unboundid-ldapsdk' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|