Hide Forgot
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). Reference: https://bugs.openldap.org/show_bug.cgi?id=9202 Upstream commits: https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440
Created openldap tracking bugs for this issue: Affects: fedora-all [bug 1833536]
This vulnerability is out of security support scope for the following products: * Red Hat Enterprise Application Platform 5 * Red Hat JBoss Enterprise Web Server 2 Please refer to https://access.redhat.com/support/policy/updates/jboss_notes for more details.
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2020:4041 https://access.redhat.com/errata/RHSA-2020:4041
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-12243