Vulmon
Amazon Linux 2 Security Advisory: ALAS-2020-1539
Advisory Release Date: 2020-10-22 18:29 Pacific
Advisory Updated Date: 2020-10-22 22:34 Pacific
Severity:
Medium
References:
CVE-2020-12243
Issue Overview:
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). (CVE-2020-12243)
Affected Packages:
openldap
Issue Correction:
Run yum update openldap to update your system.
New Packages:
aarch64:
openldap-2.4.44-22.amzn2.aarch64
openldap-devel-2.4.44-22.amzn2.aarch64
openldap-servers-2.4.44-22.amzn2.aarch64
openldap-servers-sql-2.4.44-22.amzn2.aarch64
openldap-clients-2.4.44-22.amzn2.aarch64
openldap-debuginfo-2.4.44-22.amzn2.aarch64
i686:
openldap-2.4.44-22.amzn2.i686
openldap-devel-2.4.44-22.amzn2.i686
openldap-servers-2.4.44-22.amzn2.i686
openldap-servers-sql-2.4.44-22.amzn2.i686
openldap-clients-2.4.44-22.amzn2.i686
openldap-debuginfo-2.4.44-22.amzn2.i686
src:
openldap-2.4.44-22.amzn2.src
x86_64:
openldap-2.4.44-22.amzn2.x86_64
openldap-devel-2.4.44-22.amzn2.x86_64
openldap-servers-2.4.44-22.amzn2.x86_64
openldap-servers-sql-2.4.44-22.amzn2.x86_64
openldap-clients-2.4.44-22.amzn2.x86_64
openldap-debuginfo-2.4.44-22.amzn2.x86_64