CLSA-2025-1758636652

Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1758636652.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1758636652
Upstream
Published
2026-04-22T09:20:05Z
Modified
2026-05-27T11:33:22.487354422Z
Summary
openldap: Fix of 14 CVEs
Details
  • Rebase to 2.4.58 to fix the following vulnerabilities:
  • CVE-2020-12243: fix denial of service caused by LDAP search filters with nested boolean expressions
  • CVE-2020-36221: fix integer underflow in the Certificate Exact Assertion processing
  • CVE-2020-36223: fix slapd crash in the Values Return Filter control handling
  • CVE-2020-36226: fix slapd crash in the saslAuthzTo processing
  • CVE-2020-36228: fix slapd crash in the Certificate List Exact Assertion processing
  • CVE-2020-36225: fix double free and slapd crash in the saslAuthzTo processing
  • CVE-2020-36227: fix infinite loop in slapd with the cancel_extop Cancel operation
  • CVE-2020-36230: fix assertion failure in slapd in the X.509 DN parsing in decode.c
  • CVE-2020-25692: fix NULL pointer dereference during a request for renaming RDNs
  • CVE-2020-25709: fix assertion failure caused by processing a malicious packet
  • CVE-2020-36224: fix invalid pointer free and slapd crash in the saslAuthzTo processing
  • CVE-2020-36229: fix slapd crash in the X.509 DN parsing in ad_keystring
  • CVE-2020-25710: fix failed assertion in csnNormalize23()
  • CVE-2020-36222: fix assertion failure in slapd in the saslAuthzTo validation
References

Affected packages

TuxCare:OracleLinux:6
openldap

Package

Name
openldap
Purl
pkg:rpm/tuxcare/openldap?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1758636652.json"
openldap-clients

Package

Name
openldap-clients
Purl
pkg:rpm/tuxcare/openldap-clients?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1758636652.json"
openldap-devel

Package

Name
openldap-devel
Purl
pkg:rpm/tuxcare/openldap-devel?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1758636652.json"
openldap-servers

Package

Name
openldap-servers
Purl
pkg:rpm/tuxcare/openldap-servers?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1758636652.json"
openldap-servers-sql

Package

Name
openldap-servers-sql
Purl
pkg:rpm/tuxcare/openldap-servers-sql?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.4.58-1.el6.tuxcare.els1

Database specific

source
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2025-1758636652.json"