Security update for openldap2 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2021:0408-1 Final 1 1 2021-03-14T14:10:26Z current 2021-03-14T14:10:26Z 2021-03-14T14:10:26Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for openldap2 This update for openldap2 fixes the following issues: - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2021-408 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ E-Mail link for openSUSE-SU-2021:0408-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1182279 SUSE Bug 1182279 https://bugzilla.suse.com/1182408 SUSE Bug 1182408 https://bugzilla.suse.com/1182411 SUSE Bug 1182411 https://bugzilla.suse.com/1182412 SUSE Bug 1182412 https://bugzilla.suse.com/1182413 SUSE Bug 1182413 https://bugzilla.suse.com/1182415 SUSE Bug 1182415 https://bugzilla.suse.com/1182416 SUSE Bug 1182416 https://bugzilla.suse.com/1182417 SUSE Bug 1182417 https://bugzilla.suse.com/1182418 SUSE Bug 1182418 https://bugzilla.suse.com/1182419 SUSE Bug 1182419 https://bugzilla.suse.com/1182420 SUSE Bug 1182420 https://www.suse.com/security/cve/CVE-2020-36221/ SUSE CVE CVE-2020-36221 page https://www.suse.com/security/cve/CVE-2020-36222/ SUSE CVE CVE-2020-36222 page https://www.suse.com/security/cve/CVE-2020-36223/ SUSE CVE CVE-2020-36223 page https://www.suse.com/security/cve/CVE-2020-36224/ SUSE CVE CVE-2020-36224 page https://www.suse.com/security/cve/CVE-2020-36225/ SUSE CVE CVE-2020-36225 page https://www.suse.com/security/cve/CVE-2020-36226/ SUSE CVE CVE-2020-36226 page https://www.suse.com/security/cve/CVE-2020-36227/ SUSE CVE CVE-2020-36227 page https://www.suse.com/security/cve/CVE-2020-36228/ SUSE CVE CVE-2020-36228 page https://www.suse.com/security/cve/CVE-2020-36229/ SUSE CVE CVE-2020-36229 page https://www.suse.com/security/cve/CVE-2020-36230/ SUSE CVE CVE-2020-36230 page https://www.suse.com/security/cve/CVE-2021-27212/ SUSE CVE CVE-2021-27212 page openSUSE Leap 15.2 libldap-2_4-2-2.4.46-lp152.14.18.1 libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 libldap-data-2.4.46-lp152.14.18.1 openldap2-2.4.46-lp152.14.18.1 openldap2-back-meta-2.4.46-lp152.14.18.1 openldap2-back-perl-2.4.46-lp152.14.18.1 openldap2-back-sock-2.4.46-lp152.14.18.1 openldap2-back-sql-2.4.46-lp152.14.18.1 openldap2-client-2.4.46-lp152.14.18.1 openldap2-contrib-2.4.46-lp152.14.18.1 openldap2-devel-2.4.46-lp152.14.18.1 openldap2-devel-32bit-2.4.46-lp152.14.18.1 openldap2-devel-static-2.4.46-lp152.14.18.1 openldap2-doc-2.4.46-lp152.14.18.1 openldap2-ppolicy-check-password-1.2-lp152.14.18.1 libldap-2_4-2-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 libldap-data-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-back-meta-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-back-perl-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-back-sock-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-back-sql-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-client-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-contrib-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-devel-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-devel-32bit-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-devel-static-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-doc-2.4.46-lp152.14.18.1 as a component of openSUSE Leap 15.2 openldap2-ppolicy-check-password-1.2-lp152.14.18.1 as a component of openSUSE Leap 15.2 An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). CVE-2020-36221 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36221.html CVE-2020-36221 https://bugzilla.suse.com/1182420 SUSE Bug 1182420 A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. CVE-2020-36222 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36222.html CVE-2020-36222 https://bugzilla.suse.com/1182419 SUSE Bug 1182419 A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). CVE-2020-36223 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36223.html CVE-2020-36223 https://bugzilla.suse.com/1182418 SUSE Bug 1182418 A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. CVE-2020-36224 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36224.html CVE-2020-36224 https://bugzilla.suse.com/1182417 SUSE Bug 1182417 A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. CVE-2020-36225 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36225.html CVE-2020-36225 https://bugzilla.suse.com/1182416 SUSE Bug 1182416 A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. CVE-2020-36226 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36226.html CVE-2020-36226 https://bugzilla.suse.com/1182415 SUSE Bug 1182415 A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. CVE-2020-36227 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36227.html CVE-2020-36227 https://bugzilla.suse.com/1182413 SUSE Bug 1182413 An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. CVE-2020-36228 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36228.html CVE-2020-36228 https://bugzilla.suse.com/1182412 SUSE Bug 1182412 A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. CVE-2020-36229 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36229.html CVE-2020-36229 https://bugzilla.suse.com/1182408 SUSE Bug 1182408 https://bugzilla.suse.com/1182411 SUSE Bug 1182411 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. CVE-2020-36230 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2020-36230.html CVE-2020-36230 https://bugzilla.suse.com/1182408 SUSE Bug 1182408 In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. CVE-2021-27212 openSUSE Leap 15.2:libldap-2_4-2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-2_4-2-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:libldap-data-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-meta-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-perl-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sock-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-back-sql-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-client-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-contrib-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-32bit-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-devel-static-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-doc-2.4.46-lp152.14.18.1 openSUSE Leap 15.2:openldap2-ppolicy-check-password-1.2-lp152.14.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/34RGWB6WTBL4BEDA4UXHB5TDLT47DCUY/ https://www.suse.com/security/cve/CVE-2021-27212.html CVE-2021-27212 https://bugzilla.suse.com/1182279 SUSE Bug 1182279