Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
From: Ola Westin <owe@spacemetric.com>
Date: Tue, 10 Jan 2006 16:25:31 +0100
Message-id: <[🔎] 20060110152531.54803125D6B@mail.spacemetric.se>
Reply-to: Ola Westin <owe@spacemetric.com>, 347416@bugs.debian.org

Package: libapache-auth-ldap
Version: 1.6.0-8
Severity: grave
Tags: security
Justification: user security hole


auth_ldap version 1.6.0 contains a remote security vulnerability.
See http://www.digitalarmaments.com/2006090173928420.html for details.
A fixed version (1.6.1) is available at http://www.rudedog.org/auth_ldap/.

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages libapache-auth-ldap depends on:
ii  apache-common             1.3.33-6sarge1 support files for all Apache webse
ii  libc6                     2.3.2.ds1-22   GNU C Library: Shared libraries an
ii  libldap2                  2.1.30-8       OpenLDAP libraries

-- no debconf information

Reply to:

Follow-Ups:
- Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Bug#347416: marked as done (libapache-auth-ldap: Multiple Format Strings Vulnerability)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Re: obsession
Next by Date: Bug#304700: marked as done (elvis: Visual { and } commands behaving incorrectly relative to documentation)
Previous by thread: Re: obsession
Next by thread: Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
Index(es):
- Date
- Thread