Operating System:

[SUSE]

Published:

04 March 2021

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0788
                       Security update for openldap2
                               4 March 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           openldap2
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-27212 CVE-2020-36230 CVE-2020-36229
                   CVE-2020-36228 CVE-2020-36227 CVE-2020-36226
                   CVE-2020-36225 CVE-2020-36224 CVE-2020-36223
                   CVE-2020-36222 CVE-2020-36221 

Reference:         ESB-2021.0429
                   ESB-2021.0391

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2021/suse-su-20210692-1
   https://www.suse.com/support/update/announcement/2021/suse-su-20210693-1

Comment: This bulletin contains two (2) SUSE security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for openldap2

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0692-1
Rating:            important
References:        #1182279 #1182408 #1182411 #1182412 #1182413 #1182415
                   #1182416 #1182417 #1182418 #1182419 #1182420
Cross-References:  CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224
                   CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228
                   CVE-2020-36229 CVE-2020-36230 CVE-2021-27212
Affected Products:
                   SUSE Linux Enterprise Server for SAP 12-SP5
                   SUSE Linux Enterprise Server for SAP 12-SP4
                   SUSE Linux Enterprise Server for SAP 12-SP3
                   SUSE Linux Enterprise Server for SAP 12-SP2
                   SUSE Linux Enterprise Module for Legacy Software 12
______________________________________________________________________________

An update that fixes 11 vulnerabilities is now available.

Description:

This update for openldap2 fixes the following issues:

  o bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN
    parsing in decode.c ber_next_element, resulting in denial of service.
  o bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing
    in ad_keystring, resulting in denial of service.
  o bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the
    Certificate List Exact Assertion processing, resulting in denial of
    service.
  o bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop
    Cancel operation, resulting in denial of service.
  o bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo
    processing, resulting in denial of service.
  o bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the
    saslAuthzTo processing, resulting in denial of service.
  o bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash
    in the saslAuthzTo processing, resulting in denial of service.
  o bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo
    validation, resulting in denial of service.
  o bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
    Assertion processing, resulting in denial of service (schema_init.c
    serialNumberAndIssuerCheck).
  o bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
    control handling, resulting in denial of service (double free and
    out-of-bounds read).
  o bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the
    issuerAndThisUpdateCheck function via a crafted packet, resulting in a
    denial of service (daemon exit) via a short timestamp. This is related to
    schema_init.c and checkTime.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE Linux Enterprise Server for SAP 12-SP5:
    zypper in -t patch SUSE-SLE-SAP-12-SP5-2021-692=1
  o SUSE Linux Enterprise Server for SAP 12-SP4:
    zypper in -t patch SUSE-SLE-SAP-12-SP4-2021-692=1
  o SUSE Linux Enterprise Server for SAP 12-SP3:
    zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-692=1
  o SUSE Linux Enterprise Server for SAP 12-SP2:
    zypper in -t patch SUSE-SLE-SAP-12-SP2-2021-692=1
  o SUSE Linux Enterprise Module for Legacy Software 12:
    zypper in -t patch SUSE-SLE-Module-Legacy-12-2021-692=1

Package List:

  o SUSE Linux Enterprise Server for SAP 12-SP5 (ppc64le x86_64):
       compat-libldap-2_3-0-2.3.37-39.1
       compat-libldap-2_3-0-debuginfo-2.3.37-39.1
  o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):
       compat-libldap-2_3-0-2.3.37-39.1
       compat-libldap-2_3-0-debuginfo-2.3.37-39.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):
       compat-libldap-2_3-0-2.3.37-39.1
       compat-libldap-2_3-0-debuginfo-2.3.37-39.1
  o SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):
       compat-libldap-2_3-0-2.3.37-39.1
       compat-libldap-2_3-0-debuginfo-2.3.37-39.1
  o SUSE Linux Enterprise Module for Legacy Software 12 (aarch64 ppc64le s390x
    x86_64):
       compat-libldap-2_3-0-2.3.37-39.1
       compat-libldap-2_3-0-debuginfo-2.3.37-39.1


References:

  o https://www.suse.com/security/cve/CVE-2020-36221.html
  o https://www.suse.com/security/cve/CVE-2020-36222.html
  o https://www.suse.com/security/cve/CVE-2020-36223.html
  o https://www.suse.com/security/cve/CVE-2020-36224.html
  o https://www.suse.com/security/cve/CVE-2020-36225.html
  o https://www.suse.com/security/cve/CVE-2020-36226.html
  o https://www.suse.com/security/cve/CVE-2020-36227.html
  o https://www.suse.com/security/cve/CVE-2020-36228.html
  o https://www.suse.com/security/cve/CVE-2020-36229.html
  o https://www.suse.com/security/cve/CVE-2020-36230.html
  o https://www.suse.com/security/cve/CVE-2021-27212.html
  o https://bugzilla.suse.com/1182279
  o https://bugzilla.suse.com/1182408
  o https://bugzilla.suse.com/1182411
  o https://bugzilla.suse.com/1182412
  o https://bugzilla.suse.com/1182413
  o https://bugzilla.suse.com/1182415
  o https://bugzilla.suse.com/1182416
  o https://bugzilla.suse.com/1182417
  o https://bugzilla.suse.com/1182418
  o https://bugzilla.suse.com/1182419
  o https://bugzilla.suse.com/1182420

- -----------------------------------------------------------------------------

SUSE Security Update: Security update for openldap2

______________________________________________________________________________

Announcement ID:   SUSE-SU-2021:0693-1
Rating:            important
References:        #1182279 #1182408 #1182411 #1182412 #1182413 #1182415
                   #1182416 #1182417 #1182418 #1182419 #1182420
Cross-References:  CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224
                   CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228
                   CVE-2020-36229 CVE-2020-36230 CVE-2021-27212
Affected Products:
                   SUSE OpenStack Cloud Crowbar 9
                   SUSE OpenStack Cloud Crowbar 8
                   SUSE OpenStack Cloud 9
                   SUSE OpenStack Cloud 8
                   SUSE OpenStack Cloud 7
                   SUSE Linux Enterprise Software Development Kit 12-SP5
                   SUSE Linux Enterprise Server for SAP 12-SP4
                   SUSE Linux Enterprise Server for SAP 12-SP3
                   SUSE Linux Enterprise Server for SAP 12-SP2
                   SUSE Linux Enterprise Server 12-SP5
                   SUSE Linux Enterprise Server 12-SP4-LTSS
                   SUSE Linux Enterprise Server 12-SP3-LTSS
                   SUSE Linux Enterprise Server 12-SP3-BCL
                   SUSE Linux Enterprise Server 12-SP2-LTSS
                   SUSE Linux Enterprise Server 12-SP2-BCL
                   HPE Helion Openstack 8
______________________________________________________________________________

An update that fixes 11 vulnerabilities is now available.

Description:

This update for openldap2 fixes the following issues:

  o bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN
    parsing in decode.c ber_next_element, resulting in denial of service.
  o bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing
    in ad_keystring, resulting in denial of service.
  o bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the
    Certificate List Exact Assertion processing, resulting in denial of
    service.
  o bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop
    Cancel operation, resulting in denial of service.
  o bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo
    processing, resulting in denial of service.
  o bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the
    saslAuthzTo processing, resulting in denial of service.
  o bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash
    in the saslAuthzTo processing, resulting in denial of service.
  o bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo
    validation, resulting in denial of service.
  o bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact
    Assertion processing, resulting in denial of service (schema_init.c
    serialNumberAndIssuerCheck).
  o bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter
    control handling, resulting in denial of service (double free and
    out-of-bounds read).
  o bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the
    issuerAndThisUpdateCheck function via a crafted packet, resulting in a
    denial of service (daemon exit) via a short timestamp. This is related to
    schema_init.c and checkTime.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE OpenStack Cloud Crowbar 9:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-693=1
  o SUSE OpenStack Cloud Crowbar 8:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-693=1
  o SUSE OpenStack Cloud 9:
    zypper in -t patch SUSE-OpenStack-Cloud-9-2021-693=1
  o SUSE OpenStack Cloud 8:
    zypper in -t patch SUSE-OpenStack-Cloud-8-2021-693=1
  o SUSE OpenStack Cloud 7:
    zypper in -t patch SUSE-OpenStack-Cloud-7-2021-693=1
  o SUSE Linux Enterprise Software Development Kit 12-SP5:
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-693=1
  o SUSE Linux Enterprise Server for SAP 12-SP4:
    zypper in -t patch SUSE-SLE-SAP-12-SP4-2021-693=1
  o SUSE Linux Enterprise Server for SAP 12-SP3:
    zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-693=1
  o SUSE Linux Enterprise Server for SAP 12-SP2:
    zypper in -t patch SUSE-SLE-SAP-12-SP2-2021-693=1
  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-693=1
  o SUSE Linux Enterprise Server 12-SP4-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-693=1
  o SUSE Linux Enterprise Server 12-SP3-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-693=1
  o SUSE Linux Enterprise Server 12-SP3-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-693=1
  o SUSE Linux Enterprise Server 12-SP2-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-2021-693=1
  o SUSE Linux Enterprise Server 12-SP2-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-693=1
  o HPE Helion Openstack 8:
    zypper in -t patch HPE-Helion-OpenStack-8-2021-693=1

Package List:

  o SUSE OpenStack Cloud Crowbar 9 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE OpenStack Cloud Crowbar 9 (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE OpenStack Cloud Crowbar 8 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE OpenStack Cloud Crowbar 8 (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE OpenStack Cloud 9 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE OpenStack Cloud 9 (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE OpenStack Cloud 8 (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE OpenStack Cloud 8 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE OpenStack Cloud 7 (s390x x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE OpenStack Cloud 7 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le
    s390x x86_64):
       openldap2-back-perl-2.4.41-18.83.1
       openldap2-back-perl-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-devel-2.4.41-18.83.1
       openldap2-devel-static-2.4.41-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP4 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP2 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP5 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP4-LTSS (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP3-LTSS (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1
  o SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64):
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP2-LTSS (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP2-BCL (noarch):
       openldap2-doc-2.4.41-18.83.1
  o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
  o HPE Helion Openstack 8 (noarch):
       openldap2-doc-2.4.41-18.83.1
  o HPE Helion Openstack 8 (x86_64):
       libldap-2_4-2-2.4.41-18.83.1
       libldap-2_4-2-32bit-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-2.4.41-18.83.1
       libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1
       openldap2-2.4.41-18.83.1
       openldap2-back-meta-2.4.41-18.83.1
       openldap2-back-meta-debuginfo-2.4.41-18.83.1
       openldap2-client-2.4.41-18.83.1
       openldap2-client-debuginfo-2.4.41-18.83.1
       openldap2-debuginfo-2.4.41-18.83.1
       openldap2-debugsource-2.4.41-18.83.1
       openldap2-ppolicy-check-password-1.2-18.83.1
       openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1


References:

  o https://www.suse.com/security/cve/CVE-2020-36221.html
  o https://www.suse.com/security/cve/CVE-2020-36222.html
  o https://www.suse.com/security/cve/CVE-2020-36223.html
  o https://www.suse.com/security/cve/CVE-2020-36224.html
  o https://www.suse.com/security/cve/CVE-2020-36225.html
  o https://www.suse.com/security/cve/CVE-2020-36226.html
  o https://www.suse.com/security/cve/CVE-2020-36227.html
  o https://www.suse.com/security/cve/CVE-2020-36228.html
  o https://www.suse.com/security/cve/CVE-2020-36229.html
  o https://www.suse.com/security/cve/CVE-2020-36230.html
  o https://www.suse.com/security/cve/CVE-2021-27212.html
  o https://bugzilla.suse.com/1182279
  o https://bugzilla.suse.com/1182408
  o https://bugzilla.suse.com/1182411
  o https://bugzilla.suse.com/1182412
  o https://bugzilla.suse.com/1182413
  o https://bugzilla.suse.com/1182415
  o https://bugzilla.suse.com/1182416
  o https://bugzilla.suse.com/1182417
  o https://bugzilla.suse.com/1182418
  o https://bugzilla.suse.com/1182419
  o https://bugzilla.suse.com/1182420

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYEBu9ONLKJtyKPYoAQitZA//WU1xB8dkqunRfxThRJK/PDw0aXvmyFrX
xIRhvhbpK+GOtF1Nn0/tnspv3EogeytHMy11D0ImYG1EQCTi2RoliLEo6BKtDjPo
URm2rWnLcVnewYtxaYHl85lObX+CX5EDrdOXvnZxPQ335PL3CVbEfrMXkj4er+QJ
LThpC7gKDZCmWSOwlaXFhd69UccrH6yIj6LFkRQvrOkyd5WyskVXNcXzNhpKXdFi
6J5RkZZ+fFWQcUewqKMugXyInvuXblHJMLW4gehTNPLYiZxsIGqAvKSssU37BMex
iWfyzpVZ4G6VVMdMNAYWng6dFPmQp4wLIQAFmFpGlO4HJHZmK3tAB56k3vc4Eedt
TH6OMqZvtToh61Q0ZC7OyEvQcRZJQVmx4dqPqZXe8ic3SuF+HyCgtk1FHrY6wSO4
9z+GWNJWMURfTXwiKTkOl204sEFyQDQFBnbXrRPPXPPff2bFW2AnEZUy5XxiR+NF
c8vzvLrtXvXWFjOtL1gHTOZNhBm6XUuZXVex+k9CCBltj8RtZ5axre/6WuUOxESy
VckWDRtJwDq7BiLB7JrH5HraShEy650Ep635/blb7vDN3uQ3VVGTGcnDIiJ5CLM0
ln027C871Pvqc4D5EQ/6F4uykCRpddZtkcY26K/33LkR2UjG+1/yiOfxM9WvpB8x
bKtqj52KisE=
=EwRl
-----END PGP SIGNATURE-----