Bug#347416: libapache-auth-ldap: Multiple Format Strings Vulnerability
Ola Westin wrote:
> Package: libapache-auth-ldap
> Version: 1.6.0-8
> Severity: grave
> Tags: security
> Justification: user security hole
>
>
> auth_ldap version 1.6.0 contains a remote security vulnerability.
> See http://www.digitalarmaments.com/2006090173928420.html for details.
> A fixed version (1.6.1) is available at http://www.rudedog.org/auth_ldap/.
A DSA for Woody and Sarge is in preparation, Etch and sid do no longer contain
auth_ldap packages.
Cheers,
Moritz
Reply to: