ALSA-2020:4568

[ALSA-2020:4568] Moderate: libldb security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2020-11-03

Description:

The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases.

The following packages have been upgraded to a later upstream version: libldb (2.1.3). (BZ#1817567)

Security Fix(es):

* samba: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results (CVE-2020-10730)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

CVE-2020-10730

Updated packages:

ldb-tools-2.1.3-2.el8.x86_64.rpm
libldb-2.1.3-2.el8.i686.rpm
libldb-2.1.3-2.el8.x86_64.rpm
libldb-devel-2.1.3-2.el8.i686.rpm
libldb-devel-2.1.3-2.el8.x86_64.rpm
python3-ldb-2.1.3-2.el8.i686.rpm
python3-ldb-2.1.3-2.el8.x86_64.rpm

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.