Ubuntu
ldb package

Change logs for ldb source package in Impish

  1. Impish (21.10)
  2. Change log 
  • ldb (2:2.2.3-0ubuntu0.21.10.2) impish-security; urgency=medium

  * Update to 2.2.3 for samba security update
    - Removed patches included in new version:
      + CVE-2020-27840-ldb_dn-avoid-head-corruption-in-ldb_d.patch
      + CVE-2020-27840-pytests-move-Dn.validate-test-to-ldb.patch
      + CVE-2021-20277-ldb-attrib_handlers-casefold-stay-in-.patch
      + ldb-add-tests-for-ldb_wildcard_compare.patch
      + CVE-2021-20277-ldb-tests-ldb_match-tests-with-extra-.patch
      + ldb-Remove-tests-from-ldb_match_test-that-do-not-pas.patch
    - debian/python3-lsb.symbols.in, debian/libldb2.symbols: added new
      symbols.
    - debian/patches/Skip_failing_tests.diff: skip tests failing on 32-bit
      archs.
    - CVE-2020-25718

 -- Marc Deslauriers <email address hidden>  Tue, 09 Nov 2021 13:39:03 -0500
  • ldb (2:2.2.0-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * ldb_dn: avoid head corruption in ldb_dn_explode (CVE-2020-27840)
    (Closes: #985936)
  * pytests: move Dn.validate test to ldb
  * ldb/attrib_handlers casefold: stay in bounds (CVE-2021-20277)
    (Closes: #985935)
  * ldb: add tests for ldb_wildcard_compare
  * ldb tests: ldb_match tests with extra spaces
  * ldb: Remove tests from ldb_match_test that do not pass

 -- Salvatore Bonaccorso <email address hidden>  Fri, 26 Mar 2021 19:52:18 +0100
  • ldb (2:2.2.0-3ubuntu3) impish; urgency=medium

  * No-change rebuild due to OpenLDAP soname bump.

 -- Sergio Durigan Junior <email address hidden>  Mon, 21 Jun 2021 17:50:03 -0400
  • ldb (2:2.2.0-3ubuntu2) hirsute; urgency=medium

  * SECURITY UPDATE: Heap corruption via crafted DN strings
    - debian/patches/CVE-2020-27840-1.patch: avoid head corruption in
      ldb_dn_explode in common/ldb_dn.c.
    - debian/patches/CVE-2020-27840-2.patch: add Dn.validate test to ldb
      in tests/python/crash.py, wscript.
    - CVE-2020-27840
  * SECURITY UPDATE: Out of bounds read in AD DC LDAP server
    - debian/patches/CVE-2021-20277-1.patch: add tests for
      ldb_wildcard_compare in tests/ldb_match_test.c.
    - debian/patches/CVE-2021-20277-2.patch: ldb_match tests with extra
      spaces in tests/ldb_match_test.c.
    - debian/patches/CVE-2021-20277-3.patch: remove tests from
      ldb_match_test that do not pass in tests/ldb_match_test.c.
    - debian/patches/CVE-2021-20277-4.patch: stay in bounds in
      common/attrib_handlers.c.
    - CVE-2021-20277

 -- Marc Deslauriers <email address hidden>  Tue, 30 Mar 2021 13:00:36 -0400