OESA-2021-1062

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2021-1062
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2021-1062.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2021-1062
Upstream
Published
2021-03-05T11:02:39Z
Modified
2025-08-12T05:06:31.896185Z
Summary
openldap security update
Details

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP.

Security Fix(es):

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.(CVE-2020-36228)

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.(CVE-2020-36227)

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.(CVE-2020-36226)

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.(CVE-2020-36230)

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).(CVE-2020-36221)

A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.(CVE-2020-36222)

A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.(CVE-2020-36224)

A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).(CVE-2020-36223)

A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.(CVE-2020-36225)

A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.(CVE-2020-36229)

Database specific
{
    "severity": "High"
}
References

Affected packages

openEuler:20.03-LTS / openldap

Package

Name
openldap
Purl
pkg:rpm/openEuler/openldap&distro=openEuler-20.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version / all previous versions are affected)
Fixed
2.4.50-3.oe1

Ecosystem specific

{
    "aarch64": [
        "openldap-servers-2.4.50-3.oe1.aarch64.rpm",
        "openldap-debugsource-2.4.50-3.oe1.aarch64.rpm",
        "openldap-debuginfo-2.4.50-3.oe1.aarch64.rpm",
        "openldap-clients-2.4.50-3.oe1.aarch64.rpm",
        "openldap-2.4.50-3.oe1.aarch64.rpm",
        "openldap-devel-2.4.50-3.oe1.aarch64.rpm"
    ],
    "src": [
        "openldap-2.4.50-3.oe1.src.rpm"
    ],
    "x86_64": [
        "openldap-2.4.50-3.oe1.x86_64.rpm",
        "openldap-clients-2.4.50-3.oe1.x86_64.rpm",
        "openldap-devel-2.4.50-3.oe1.x86_64.rpm",
        "openldap-debugsource-2.4.50-3.oe1.x86_64.rpm",
        "openldap-servers-2.4.50-3.oe1.x86_64.rpm",
        "openldap-debuginfo-2.4.50-3.oe1.x86_64.rpm"
    ],
    "noarch": [
        "openldap-help-2.4.50-3.oe1.noarch.rpm"
    ]
}

openEuler:20.03-LTS-SP1 / openldap

Package

Name
openldap
Purl
pkg:rpm/openEuler/openldap&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (unknown introduced version / all previous versions are affected)
Fixed
2.4.50-3.oe1

Ecosystem specific

{
    "aarch64": [
        "openldap-servers-2.4.50-3.oe1.aarch64.rpm",
        "openldap-debugsource-2.4.50-3.oe1.aarch64.rpm",
        "openldap-debuginfo-2.4.50-3.oe1.aarch64.rpm",
        "openldap-clients-2.4.50-3.oe1.aarch64.rpm",
        "openldap-2.4.50-3.oe1.aarch64.rpm",
        "openldap-devel-2.4.50-3.oe1.aarch64.rpm"
    ],
    "src": [
        "openldap-2.4.50-3.oe1.src.rpm"
    ],
    "x86_64": [
        "openldap-2.4.50-3.oe1.x86_64.rpm",
        "openldap-clients-2.4.50-3.oe1.x86_64.rpm",
        "openldap-devel-2.4.50-3.oe1.x86_64.rpm",
        "openldap-debugsource-2.4.50-3.oe1.x86_64.rpm",
        "openldap-servers-2.4.50-3.oe1.x86_64.rpm",
        "openldap-debuginfo-2.4.50-3.oe1.x86_64.rpm"
    ],
    "noarch": [
        "openldap-help-2.4.50-3.oe1.noarch.rpm"
    ]
}
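The two affected-package entries above (openEuler:20.03-LTS and 20.03-LTS-SP1) give the same ECOSYSTEM range: introduced "0" (every earlier build) and fixed 2.4.50-3.oe1. Note that the fixed release is numerically older than the upstream 2.4.57 named in the CVE texts; openEuler shipped the fixes in its own 2.4.50-3.oe1 build rather than by moving to 2.4.57, so a host must be compared against the distribution's fixed EVR, not the upstream version number. The following is an added example, not code from the openEuler advisory or from the OSV project: it reconstructs the affected entry in OSV's `ranges`/`events` shape from the values on this page (the RPM list is a subset), ports rpm's label comparison (epoch, then version, then release, with rpmvercmp segment rules) to Python, and runs it over a constructed sample of `rpm -qa` output. The `SAMPLE_RPM_QA` lines and the EVR query format are assumptions for the demonstration; the event handling covers only the `introduced`/`fixed` events this advisory uses and assumes they are listed in order.

```python
import re

# Affected entry reconstructed from this advisory's openEuler:20.03-LTS record
# (values as shown on the page; the RPM lists are a subset). The 20.03-LTS-SP1
# entry carries the same range and binary package names.
OSV_AFFECTED = {
    "package": {"ecosystem": "openEuler:20.03-LTS", "name": "openldap"},
    "ranges": [{"type": "ECOSYSTEM",
                "events": [{"introduced": "0"}, {"fixed": "2.4.50-3.oe1"}]}],
    "ecosystem_specific": {
        "x86_64": ["openldap-2.4.50-3.oe1.x86_64.rpm",
                   "openldap-clients-2.4.50-3.oe1.x86_64.rpm",
                   "openldap-servers-2.4.50-3.oe1.x86_64.rpm",
                   "openldap-devel-2.4.50-3.oe1.x86_64.rpm"],
        "noarch": ["openldap-help-2.4.50-3.oe1.noarch.rpm"],
    },
}

# Constructed sample (assumption) of:
#   rpm -qa --qf '%{NAME} %{EPOCHNUM}:%{VERSION}-%{RELEASE}\n'
SAMPLE_RPM_QA = """\
openldap 0:2.4.50-2.oe1
openldap-servers 0:2.4.50-2.oe1
openldap-clients 0:2.4.50-3.oe1
openssl 1:1.1.1f-5.oe1
"""

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+|[~^]")


def rpmvercmp(a: str, b: str) -> int:
    """Port of librpm's rpmvercmp(): -1 if a < b, 0 if equal, 1 if a > b.
    Separators are ignored; a numeric segment beats an alphabetic one; '~'
    sorts before anything, even the end of the string (pre-release); '^'
    sorts after the end of the string but before any other segment."""
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    i = 0
    while i < len(sa) or i < len(sb):
        x = sa[i] if i < len(sa) else None
        y = sb[i] if i < len(sb) else None
        if x == "~" or y == "~":
            if x == y:
                i += 1
                continue
            return -1 if x == "~" else 1
        if x == "^" or y == "^":
            if x is None:
                return -1
            if y is None:
                return 1
            if x == y:
                i += 1
                continue
            return -1 if x == "^" else 1
        if x is None:                      # b still has segments: b wins
            return -1
        if y is None:
            return 1
        if x.isdigit() != y.isdigit():     # numeric outranks alphabetic
            return 1 if x.isdigit() else -1
        if x.isdigit():
            c = (int(x) > int(y)) - (int(x) < int(y))
        else:
            c = (x > y) - (x < y)
        if c:
            return c
        i += 1
    return 0


def parse_evr(evr: str):
    """Split 'epoch:version-release' into (epoch, version, release);
    a missing epoch is 0, a missing release is ''."""
    epoch, sep, rest = evr.partition(":")
    if not sep:
        epoch, rest = "0", evr
    version, sep, release = rest.rpartition("-")
    if not sep:
        version, release = rest, ""
    return int(epoch), version, release


def evrcmp(a: str, b: str) -> int:
    """Order two EVR strings as rpm does: epoch, then version, then release."""
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def is_affected(evr: str, affected=OSV_AFFECTED) -> bool:
    """True when evr lies in some [introduced, fixed) ECOSYSTEM interval.
    introduced '0' means every version before the fix, as on this page."""
    for rng in affected["ranges"]:
        if rng["type"] != "ECOSYSTEM":
            continue
        lower = None
        for ev in rng["events"]:
            if "introduced" in ev:
                lower = ev["introduced"]
            elif "fixed" in ev and lower is not None:
                above = lower == "0" or evrcmp(evr, lower) >= 0
                if above and evrcmp(evr, ev["fixed"]) < 0:
                    return True
                lower = None
        if lower is not None and (lower == "0" or evrcmp(evr, lower) >= 0):
            return True                    # introduced, no fix listed yet
    return False


def binary_package_names(affected=OSV_AFFECTED) -> set:
    """Package names from NAME-VERSION-RELEASE.ARCH.rpm file names
    (version and release never contain '-', so rsplit is safe)."""
    return {rpm.rsplit("-", 2)[0]
            for rpms in affected["ecosystem_specific"].values() for rpm in rpms}


def vulnerable_packages(rpm_qa_output: str, affected=OSV_AFFECTED) -> list:
    """(name, evr) for each installed package from the advisory's binary
    package set whose EVR falls inside an affected range."""
    names = binary_package_names(affected)
    hits = []
    for line in rpm_qa_output.splitlines():
        if line.strip():
            name, evr = line.split()
            if name in names and is_affected(evr, affected):
                hits.append((name, evr))
    return hits


if __name__ == "__main__":
    for name, evr in vulnerable_packages(SAMPLE_RPM_QA):
        print(f"{name} {evr}: affected, update to 2.4.50-3.oe1")
```

On a real openEuler host, replace `SAMPLE_RPM_QA` with the output of the `rpm -qa --qf` query shown in the comment; the epoch must be included in the query because an epoch bump outranks any version or release difference, which is why `evrcmp` checks it first.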