SUSE-SU-2022:1832-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2022/suse-su-20221832-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:1832-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2022:1832-1

Upstream

CVE-2022-29155

Related

CVE-2022-29155

Published

2022-05-24T09:52:57Z

Modified

2025-05-08T17:18:06.479658Z

Summary

Security update for openldap2

Details

This update for openldap2 fixes the following issues:

Security: - CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

Bugfixes: - allow specification of max/min TLS version with TLS1.3 (bsc#1191157) - libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004) - restore CLDAP functionality in CLI tools (jsc#PM-3288)

References

Affected packages

SUSE:Enterprise Storage 6

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Enterprise%20Storage%206

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOS

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15-ESPOS

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15-LTSS

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP1-BCL

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP1-LTSS

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15-LTSS

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP1

openldap2

Package

Name: openldap2
Purl: pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.46-150000.9.71.1

Ecosystem specific

{
    "binaries": [
        {
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}