Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability

To: Ola Westin <owe@spacemetric.com>
Cc: team@security.debian.org, 347416@bugs.debian.org
Subject: Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Sun, 15 Jan 2006 13:06:10 +0100
Message-id: <[🔎] 20060115120609.GA8941@informatik.uni-bremen.de>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 347416@bugs.debian.org
In-reply-to: <[🔎] 20060110152531.54803125D6B@mail.spacemetric.se>
References: <[🔎] 20060110152531.54803125D6B@mail.spacemetric.se>

Ola Westin wrote:
> Package: libapache-auth-ldap
> Version: 1.6.0-8
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> 
> auth_ldap version 1.6.0 contains a remote security vulnerability.
> See http://www.digitalarmaments.com/2006090173928420.html for details.
> A fixed version (1.6.1) is available at http://www.rudedog.org/auth_ldap/.

A DSA for Woody and Sarge is in preparation, Etch and sid do no longer contain
auth_ldap packages.

Cheers,
        Moritz

Reply to:

References:
- Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
  - From: Ola Westin <owe@spacemetric.com>

Prev by Date: xdialog_2.0.6-4_i386.changes ACCEPTED
Next by Date: Processed: ITA, Owner, Tags added
Previous by thread: Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
Next by thread: Bug#347416: marked as done (libapache-auth-ldap: Multiple Format Strings Vulnerability)
Index(es):
- Date
- Thread