Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.0788 Security update for openldap2 4 March 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openldap2 Publisher: SUSE Operating System: SUSE Impact/Access: Denial of Service -- Remote/Unauthenticated Resolution: Patch/Upgrade CVE Names: CVE-2021-27212 CVE-2020-36230 CVE-2020-36229 CVE-2020-36228 CVE-2020-36227 CVE-2020-36226 CVE-2020-36225 CVE-2020-36224 CVE-2020-36223 CVE-2020-36222 CVE-2020-36221 Reference: ESB-2021.0429 ESB-2021.0391 Original Bulletin: https://www.suse.com/support/update/announcement/2021/suse-su-20210692-1 https://www.suse.com/support/update/announcement/2021/suse-su-20210693-1 Comment: This bulletin contains two (2) SUSE security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:0692-1 Rating: important References: #1182279 #1182408 #1182411 #1182412 #1182413 #1182415 #1182416 #1182417 #1182418 #1182419 #1182420 Cross-References: CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Module for Legacy Software 12 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for openldap2 fixes the following issues: o bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. o bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. o bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. o bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. o bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. o bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. o bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. o bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. o bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). o bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). o bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE Linux Enterprise Server for SAP 12-SP5: zypper in -t patch SUSE-SLE-SAP-12-SP5-2021-692=1 o SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2021-692=1 o SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-692=1 o SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2021-692=1 o SUSE Linux Enterprise Module for Legacy Software 12: zypper in -t patch SUSE-SLE-Module-Legacy-12-2021-692=1 Package List: o SUSE Linux Enterprise Server for SAP 12-SP5 (ppc64le x86_64): compat-libldap-2_3-0-2.3.37-39.1 compat-libldap-2_3-0-debuginfo-2.3.37-39.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): compat-libldap-2_3-0-2.3.37-39.1 compat-libldap-2_3-0-debuginfo-2.3.37-39.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): compat-libldap-2_3-0-2.3.37-39.1 compat-libldap-2_3-0-debuginfo-2.3.37-39.1 o SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): compat-libldap-2_3-0-2.3.37-39.1 compat-libldap-2_3-0-debuginfo-2.3.37-39.1 o SUSE Linux Enterprise Module for Legacy Software 12 (aarch64 ppc64le s390x x86_64): compat-libldap-2_3-0-2.3.37-39.1 compat-libldap-2_3-0-debuginfo-2.3.37-39.1 References: o https://www.suse.com/security/cve/CVE-2020-36221.html o https://www.suse.com/security/cve/CVE-2020-36222.html o https://www.suse.com/security/cve/CVE-2020-36223.html o https://www.suse.com/security/cve/CVE-2020-36224.html o https://www.suse.com/security/cve/CVE-2020-36225.html o https://www.suse.com/security/cve/CVE-2020-36226.html o https://www.suse.com/security/cve/CVE-2020-36227.html o https://www.suse.com/security/cve/CVE-2020-36228.html o https://www.suse.com/security/cve/CVE-2020-36229.html o https://www.suse.com/security/cve/CVE-2020-36230.html o https://www.suse.com/security/cve/CVE-2021-27212.html o https://bugzilla.suse.com/1182279 o https://bugzilla.suse.com/1182408 o https://bugzilla.suse.com/1182411 o https://bugzilla.suse.com/1182412 o https://bugzilla.suse.com/1182413 o https://bugzilla.suse.com/1182415 o https://bugzilla.suse.com/1182416 o https://bugzilla.suse.com/1182417 o https://bugzilla.suse.com/1182418 o https://bugzilla.suse.com/1182419 o https://bugzilla.suse.com/1182420 - ----------------------------------------------------------------------------- SUSE Security Update: Security update for openldap2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:0693-1 Rating: important References: #1182279 #1182408 #1182411 #1182412 #1182413 #1182415 #1182416 #1182417 #1182418 #1182419 #1182420 Cross-References: CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-27212 Affected Products: SUSE OpenStack Cloud Crowbar 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 7 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: This update for openldap2 fixes the following issues: o bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. o bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. o bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. o bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. o bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. o bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. o bsc#1182415 CVE-2020-36226 - memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. o bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. o bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). o bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). o bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: o SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-693=1 o SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-693=1 o SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2021-693=1 o SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2021-693=1 o SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2021-693=1 o SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2021-693=1 o SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2021-693=1 o SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2021-693=1 o SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2021-693=1 o SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2021-693=1 o SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2021-693=1 o SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2021-693=1 o SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2021-693=1 o SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2021-693=1 o SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2021-693=1 o HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2021-693=1 Package List: o SUSE OpenStack Cloud Crowbar 9 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE OpenStack Cloud Crowbar 9 (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE OpenStack Cloud Crowbar 8 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE OpenStack Cloud Crowbar 8 (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE OpenStack Cloud 9 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE OpenStack Cloud 9 (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE OpenStack Cloud 8 (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE OpenStack Cloud 8 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE OpenStack Cloud 7 (s390x x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE OpenStack Cloud 7 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): openldap2-back-perl-2.4.41-18.83.1 openldap2-back-perl-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-devel-2.4.41-18.83.1 openldap2-devel-static-2.4.41-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP4 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP5 (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP4-LTSS (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP3-LTSS (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP3-BCL (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 o SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64): libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP2-BCL (noarch): openldap2-doc-2.4.41-18.83.1 o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 o HPE Helion Openstack 8 (noarch): openldap2-doc-2.4.41-18.83.1 o HPE Helion Openstack 8 (x86_64): libldap-2_4-2-2.4.41-18.83.1 libldap-2_4-2-32bit-2.4.41-18.83.1 libldap-2_4-2-debuginfo-2.4.41-18.83.1 libldap-2_4-2-debuginfo-32bit-2.4.41-18.83.1 openldap2-2.4.41-18.83.1 openldap2-back-meta-2.4.41-18.83.1 openldap2-back-meta-debuginfo-2.4.41-18.83.1 openldap2-client-2.4.41-18.83.1 openldap2-client-debuginfo-2.4.41-18.83.1 openldap2-debuginfo-2.4.41-18.83.1 openldap2-debugsource-2.4.41-18.83.1 openldap2-ppolicy-check-password-1.2-18.83.1 openldap2-ppolicy-check-password-debuginfo-1.2-18.83.1 References: o https://www.suse.com/security/cve/CVE-2020-36221.html o https://www.suse.com/security/cve/CVE-2020-36222.html o https://www.suse.com/security/cve/CVE-2020-36223.html o https://www.suse.com/security/cve/CVE-2020-36224.html o https://www.suse.com/security/cve/CVE-2020-36225.html o https://www.suse.com/security/cve/CVE-2020-36226.html o https://www.suse.com/security/cve/CVE-2020-36227.html o https://www.suse.com/security/cve/CVE-2020-36228.html o https://www.suse.com/security/cve/CVE-2020-36229.html o https://www.suse.com/security/cve/CVE-2020-36230.html o https://www.suse.com/security/cve/CVE-2021-27212.html o https://bugzilla.suse.com/1182279 o https://bugzilla.suse.com/1182408 o https://bugzilla.suse.com/1182411 o https://bugzilla.suse.com/1182412 o https://bugzilla.suse.com/1182413 o https://bugzilla.suse.com/1182415 o https://bugzilla.suse.com/1182416 o https://bugzilla.suse.com/1182417 o https://bugzilla.suse.com/1182418 o https://bugzilla.suse.com/1182419 o https://bugzilla.suse.com/1182420 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYEBu9ONLKJtyKPYoAQitZA//WU1xB8dkqunRfxThRJK/PDw0aXvmyFrX xIRhvhbpK+GOtF1Nn0/tnspv3EogeytHMy11D0ImYG1EQCTi2RoliLEo6BKtDjPo URm2rWnLcVnewYtxaYHl85lObX+CX5EDrdOXvnZxPQ335PL3CVbEfrMXkj4er+QJ LThpC7gKDZCmWSOwlaXFhd69UccrH6yIj6LFkRQvrOkyd5WyskVXNcXzNhpKXdFi 6J5RkZZ+fFWQcUewqKMugXyInvuXblHJMLW4gehTNPLYiZxsIGqAvKSssU37BMex iWfyzpVZ4G6VVMdMNAYWng6dFPmQp4wLIQAFmFpGlO4HJHZmK3tAB56k3vc4Eedt TH6OMqZvtToh61Q0ZC7OyEvQcRZJQVmx4dqPqZXe8ic3SuF+HyCgtk1FHrY6wSO4 9z+GWNJWMURfTXwiKTkOl204sEFyQDQFBnbXrRPPXPPff2bFW2AnEZUy5XxiR+NF c8vzvLrtXvXWFjOtL1gHTOZNhBm6XUuZXVex+k9CCBltj8RtZ5axre/6WuUOxESy VckWDRtJwDq7BiLB7JrH5HraShEy650Ep635/blb7vDN3uQ3VVGTGcnDIiJ5CLM0 ln027C871Pvqc4D5EQ/6F4uykCRpddZtkcY26K/33LkR2UjG+1/yiOfxM9WvpB8x bKtqj52KisE= =EwRl -----END PGP SIGNATURE-----