| Errata ID | 371 |
|---|---|
| Date | 2015-09-23 |
| Source package | openldap |
| Fixed in version | 2.4.35-1.203.201509141755 |
| Description | This update addresses the following issues: * When using the mdb backend, the ldap search erroneously returned the base object in some cases. This has been fixed. * If the slapo-deref overlay is used (which is not the case in a standard UCS installation) and if the list of attributes to be dereferenced is left empty, slapd can be crashed (CVE-2015-1545) * Denial of service by unauthenticated remote attackers via crafted BER data (CVE-2015-6908) |
| Additional notes | |
| CVE ID | CVE-2015-1545 CVE-2015-6908 |
| UCS Bug number | #38424 #37728 |
