Oval Definition:oval:org.opensuse.security:def:125968
Revision Date:2019-09-17Version:1
Title:Security update for openldap2 (Moderate)
Description:

This update for openldap2 fixes the following issues:

Security issues fixed:

- CVE-2019-13565: Fixed ssf memory reuse that leads to incorrect authorization of another connection, granting excess connection rights (ssf) (bsc#1143194). - CVE-2019-13057: Fixed rootDN of a backend that may proxyauth incorrectly to another backend, violating multi-tenant isolation (bsc#1143273).
Family:unixClass:patch
Status:Reference(s):1143194
1143273
CVE-2019-13057
CVE-2019-13565
SUSE-SU-2019:2390-1
Platform(s):SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Software Development Kit 12 SP4
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND Package Information
  • openldap2-back-perl-2.4.41-18.63.1 is installed
  • OR openldap2-devel-2.4.41-18.63.1 is installed
  • OR openldap2-devel-static-2.4.41-18.63.1 is installed
    • BACK