[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2016:0224-1 -- Suse openldap2

ID: oval:org.secpod.oval:def:400696Date: (C)2016-11-22   (M)2024-02-19
Class: PATCHFamily: unix




This update fixes the following security issues: - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service via crafted BER data, as demonstrated by an attack against slapd. - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. It also fixes the following non-security bugs: - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment This update adds the following functionality: - fate#319300: SHA2 password hashing module that can be loaded on-demand.

Platform:
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server 12
Product:
openldap2
Reference:
SUSE-SU-2016:0224-1
CVE-2015-4000
CVE-2015-6908
CVE    2
CVE-2015-6908
CVE-2015-4000
CPE    5
cpe:/a:openldap:openldap2
cpe:/o:suse:suse_linux_enterprise_server:12:sp1
cpe:/o:suse:suse_linux_enterprise_server:12
cpe:/o:suse:suse_linux_enterprise_desktop:12
...

© SecPod Technologies