Security update for openldap2 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2016:0090-1 Final 1 1 2016-01-12T15:39:02Z current 2016-01-12T15:39:02Z 2016-01-12T15:39:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for openldap2 This update fixes the following security issue: - CVE-2015-6908. Passing a crafted packet to the function ber_get_next(), an attacker may cause a remote denial of service, crashing the OpenLDAP server (bsc#945582). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp3-openldap2-20151222-12317,sdksp4-openldap2-20151222-12317,secsp3-openldap2-20151222-12317,sledsp3-openldap2-20151222-12317,sledsp4-openldap2-20151222-12317,slessp3-openldap2-20151222-12317,slessp4-openldap2-20151222-12317 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2016/suse-su-20160090-1/ Link for SUSE-SU-2016:0090-1 https://lists.suse.com/pipermail/sle-security-updates/2016-January/001793.html E-Mail link for SUSE-SU-2016:0090-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/945582 SUSE Bug 945582 https://www.suse.com/security/cve/CVE-2015-6908/ SUSE CVE CVE-2015-6908 page SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server for SAP Applications 11 SP3 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-2.4.26-0.62.2 openldap2-back-perl-2.4.26-0.62.2 openldap2-devel-2.4.26-0.62.2 openldap2-devel-32bit-2.4.26-0.62.2 libldap-openssl1-2_4-2-2.4.26-0.62.3 libldap-openssl1-2_4-2-32bit-2.4.26-0.62.3 libldap-openssl1-2_4-2-x86-2.4.26-0.62.3 libldap-2_4-2-2.4.26-0.62.2 libldap-2_4-2-32bit-2.4.26-0.62.2 openldap2-client-2.4.26-0.62.2 compat-libldap-2_3-0-2.3.37-2.62.2 libldap-2_4-2-x86-2.4.26-0.62.2 openldap2-back-meta-2.4.26-0.62.2 libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Desktop 11 SP3 libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Desktop 11 SP4 libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Desktop 11 SP4 openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Desktop 11 SP4 compat-libldap-2_3-0-2.3.37-2.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 libldap-2_4-2-x86-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 openldap2-back-meta-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3 compat-libldap-2_3-0-2.3.37-2.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA libldap-2_4-2-x86-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openldap2-back-meta-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP3-TERADATA compat-libldap-2_3-0-2.3.37-2.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-2_4-2-x86-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 openldap2-back-meta-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server 11 SP4 libldap-openssl1-2_4-2-2.4.26-0.62.3 as a component of SUSE Linux Enterprise Server 11-SECURITY libldap-openssl1-2_4-2-32bit-2.4.26-0.62.3 as a component of SUSE Linux Enterprise Server 11-SECURITY libldap-openssl1-2_4-2-x86-2.4.26-0.62.3 as a component of SUSE Linux Enterprise Server 11-SECURITY compat-libldap-2_3-0-2.3.37-2.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 libldap-2_4-2-x86-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openldap2-back-meta-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP3 compat-libldap-2_3-0-2.3.37-2.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libldap-2_4-2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libldap-2_4-2-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 libldap-2_4-2-x86-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-back-meta-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-client-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-back-perl-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-devel-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-devel-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP3 openldap2-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-back-perl-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-devel-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 openldap2-devel-32bit-2.4.26-0.62.2 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service (reachable assertion and application crash) via crafted BER data, as demonstrated by an attack against slapd. CVE-2015-6908 SUSE Linux Enterprise Desktop 11 SP3:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Desktop 11 SP3:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Desktop 11 SP3:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Desktop 11 SP4:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Desktop 11 SP4:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Desktop 11 SP4:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:compat-libldap-2_3-0-2.3.37-2.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:libldap-2_4-2-x86-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:openldap2-back-meta-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3-TERADATA:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3:compat-libldap-2_3-0-2.3.37-2.62.2 SUSE Linux Enterprise Server 11 SP3:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3:libldap-2_4-2-x86-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3:openldap2-back-meta-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP3:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP4:compat-libldap-2_3-0-2.3.37-2.62.2 SUSE Linux Enterprise Server 11 SP4:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP4:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP4:libldap-2_4-2-x86-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP4:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP4:openldap2-back-meta-2.4.26-0.62.2 SUSE Linux Enterprise Server 11 SP4:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-2.4.26-0.62.3 SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-32bit-2.4.26-0.62.3 SUSE Linux Enterprise Server 11-SECURITY:libldap-openssl1-2_4-2-x86-2.4.26-0.62.3 SUSE Linux Enterprise Server for SAP Applications 11 SP3:compat-libldap-2_3-0-2.3.37-2.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:libldap-2_4-2-x86-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openldap2-back-meta-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP3:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:compat-libldap-2_3-0-2.3.37-2.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libldap-2_4-2-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libldap-2_4-2-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:libldap-2_4-2-x86-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openldap2-back-meta-2.4.26-0.62.2 SUSE Linux Enterprise Server for SAP Applications 11 SP4:openldap2-client-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-back-perl-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-devel-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP3:openldap2-devel-32bit-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-back-perl-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-devel-2.4.26-0.62.2 SUSE Linux Enterprise Software Development Kit 11 SP4:openldap2-devel-32bit-2.4.26-0.62.2 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2016/suse-su-20160090-1/ https://www.suse.com/security/cve/CVE-2015-6908.html CVE-2015-6908 https://bugzilla.suse.com/945582 SUSE Bug 945582