Hide Forgot
It was reported [1] that certain queries cause slapd to crash while freeing operation controls. Upstream report: http://www.openldap.org/its/?findid=8046 Upstream patch: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commitdiff;h=2f1a2dd329b91afe561cd06b872d09630d4edb6a [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776991
Created openldap tracking bugs for this issue: Affects: fedora-all [bug 1190646]
Statement: Although we do ship the vulnerable function, the attack vector demonstrated in the original report does not apply to us, as we've never backported the patch that introduces this particular attack vector. We're currently unaware of an attack vector that applies to us. Red Hat Product Security has rated this issue as having a security impact of Moderate. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.