drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in unboundid-ldapsdk
| Name: |
Mangelnde Rechteprüfung in unboundid-ldapsdk |
|
| ID: |
FEDORA-2018-e8635ed222 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 28 |
|
| Datum: |
Fr, 30. März 2018, 20:59 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000134 |
|
| Applikationen: |
unboundid-ldapsdk |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-e8635ed222
2018-03-30 12:38:03.467856
-------------------------------------------------------------------------------
-
Name : unboundid-ldapsdk
Product : Fedora 28
Version : 4.0.5
Release : 1.fc28
URL : https://www.ldap.com/unboundid-ldap-sdk-for-java
Summary : UnboundID LDAP SDK for Java
Description :
The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and
completely free Java library for communicating with LDAP directory servers and
performing related tasks like reading and writing LDIF, encoding and
decoding data using base64 and ASN.1 BER, and performing secure communication.
-------------------------------------------------------------------------------
-
Update Information:
Rebase package(s) to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5
release of the UnboundID LDAP SDK for Java. A blog post has been written
covering the details of this CVE and is available at
https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-
java/ Further bugfixing and improvements are detailed in 4.0.5 release notes
at
https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1557531 - CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access
Control vulnerability in process function in SimpleBindRequest class
https://bugzilla.redhat.com/show_bug.cgi?id=1557531
-------------------------------------------------------------------------------
-
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade unboundid-ldapsdk' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|
