SUSE-SU-2016:0224-1 -- Suse openldap2ID: oval:org.secpod.oval:def:400696 | Date: (C)2016-11-22 (M)2024-02-19 |
Class: PATCH | Family: unix |
This update fixes the following security issues: - CVE-2015-6908: The ber_get_next function allowed remote attackers to cause a denial of service via crafted BER data, as demonstrated by an attack against slapd. - CVE-2015-4000: Fix weak Diffie-Hellman size vulnerability. It also fixes the following non-security bugs: - bsc#955210: Unresponsive LDAP host lookups in IPv6 environment This update adds the following functionality: - fate#319300: SHA2 password hashing module that can be loaded on-demand.
Platform: |
SUSE Linux Enterprise Server 12 SP1 |
SUSE Linux Enterprise Desktop 12 SP1 |
SUSE Linux Enterprise Desktop 12 |
SUSE Linux Enterprise Server 12 |