SUSE-SU-2022:1832-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2022/suse-su-20221832-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:1832-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2022:1832-1
Related
Published
2022-05-24T09:52:57Z
Modified
2022-05-24T09:52:57Z
Summary
Security update for openldap2
Details

This update for openldap2 fixes the following issues:

Security: - CVE-2022-29155: Fixed SQL injection in back-sql (bsc#1199240).

Bugfixes: - allow specification of max/min TLS version with TLS1.3 (bsc#1191157) - libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004) - restore CLDAP functionality in CLI tools (jsc#PM-3288)

References

Affected packages

SUSE:Linux Enterprise High Performance Computing 15-ESPOS / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15-LTSS / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP1-ESPOS / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15-LTSS / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP1-BCL / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP1-LTSS / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP1 / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}

SUSE:Enterprise Storage 6 / openldap2

Package

Name
openldap2
Purl
pkg:rpm/suse/openldap2&distro=SUSE%20Enterprise%20Storage%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.4.46-150000.9.71.1

Ecosystem specific 

{
    "binaries": [
        {
            "openldap2-client": "2.4.46-150000.9.71.1",
            "openldap2-back-perl": "2.4.46-150000.9.71.1",
            "openldap2-devel-32bit": "2.4.46-150000.9.71.1",
            "openldap2-devel": "2.4.46-150000.9.71.1",
            "openldap2-back-meta": "2.4.46-150000.9.71.1",
            "libldap-data": "2.4.46-150000.9.71.1",
            "libldap-2_4-2-32bit": "2.4.46-150000.9.71.1",
            "libldap-2_4-2": "2.4.46-150000.9.71.1",
            "openldap2": "2.4.46-150000.9.71.1",
            "openldap2-ppolicy-check-password": "1.2-150000.9.71.1",
            "openldap2-devel-static": "2.4.46-150000.9.71.1"
        }
    ]
}