Lucene search
DebianDEBIAN:DSA-4884-1:D6B31HistoryApr 02, 2021 - 7:54 a.m.
[SECURITY] [DSA 4884-1] ldb security update
2021-04-0207:54:04
lists.debian.org
27
debian
cve-2020-10730
cve-2020-27840
cve-2021-20277
ldap
database
EPSS
0.009
Percentile
82.7%
Debian Security Advisory DSA-4884-1 [email protected]
https://www.debian.org/security/ Salvatore Bonaccorso
April 02, 2021 https://www.debian.org/security/faq
Package : ldb
CVE ID : CVE-2020-10730 CVE-2020-27840 CVE-2021-20277
Debian Bug : 985935 985936
Multiple vulnerabilities have been discovered in ldb, a LDAP-like
embedded database built on top of TDB.
CVE-2020-10730
Andrew Bartlett discovered a NULL pointer dereference and
use-after-free flaw when handling 'ASQ' and 'VLV' LDAP controls and
combinations with the LDAP paged_results feature.
CVE-2020-27840
Douglas Bagnall discovered a heap corruption flaw via crafted
DN strings.
CVE-2021-20277
Douglas Bagnall discovered an out-of-bounds read vulnerability in
handling LDAP attributes that contains multiple consecutive
leading spaces.
For the stable distribution (buster), these problems have been fixed in
version 2:1.5.1+really1.4.6-3+deb10u1.
We recommend that you upgrade your ldb packages.
For the detailed security status of ldb please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/ldb
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | i386 | python-ldb | < 1.5.1+really1.4.6-3+deb10u1 | python-ldb_1.5.1+really1.4.6-3+deb10u1_i386.deb |
| Debian | 10 | s390x | python-ldb | < 1.5.1+really1.4.6-3+deb10u1 | python-ldb_1.5.1+really1.4.6-3+deb10u1_s390x.deb |
| Debian | 9 | armhf | python-ldb | < 1.1.27-1+deb9u2 | python-ldb_1.1.27-1+deb9u2_armhf.deb |
| Debian | 9 | amd64 | samba-vfs-modules | < 4.5.16+dfsg-1+deb9u3 | samba-vfs-modules_4.5.16+dfsg-1+deb9u3_amd64.deb |
| Debian | 9 | amd64 | python-samba | < 4.5.16+dfsg-1+deb9u3 | python-samba_4.5.16+dfsg-1+deb9u3_amd64.deb |
| Debian | 9 | armhf | samba-vfs-modules | < 4.5.16+dfsg-1+deb9u3 | samba-vfs-modules_4.5.16+dfsg-1+deb9u3_armhf.deb |
| Debian | 10 | i386 | libldb-dev | < 1.5.1+really1.4.6-3+deb10u1 | libldb-dev_1.5.1+really1.4.6-3+deb10u1_i386.deb |
| Debian | 9 | armel | samba-common-bin | < 4.5.16+dfsg-1+deb9u3 | samba-common-bin_4.5.16+dfsg-1+deb9u3_armel.deb |
| Debian | 9 | i386 | winbind | < 4.5.16+dfsg-1+deb9u3 | winbind_4.5.16+dfsg-1+deb9u3_i386.deb |
| Debian | 9 | i386 | libpam-winbind | < 4.5.16+dfsg-1+deb9u3 | libpam-winbind_4.5.16+dfsg-1+deb9u3_i386.deb |
Related
openvas
openvas
Debian: Security Advisory (DSA-4884-1)
2021-04-03 00:00:00
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-2446)
2021-09-15 00:00:00
Fedora: Security Advisory for samba (FEDORA-2021-c93a3a5d3f)
2021-04-10 00:00:00
nessus
nessus
Debian DSA-4884-1 : ldb - security update
2021-04-05 00:00:00
EulerOS 2.0 SP5 : samba (EulerOS-SA-2021-2229)
2021-07-16 00:00:00
EulerOS Virtualization for ARM 64 3.0.6.0 : libldb (EulerOS-SA-2021-2023)
2021-06-30 00:00:00
osv
osv
ldb - security update
2021-04-02 00:00:00
ldb - security update
2021-03-31 00:00:00
ldb vulnerabilities
2021-03-24 18:08:35
debian
debian
[SECURITY] [DSA 4884-1] ldb security update
2021-04-02 07:54:04
[SECURITY] [DLA 2611-1] ldb security update
2021-03-31 09:22:43
fedora
fedora
[SECURITY] Fedora 34 Update: libldb-2.3.0-1.fc34
2021-03-27 00:19:05
[SECURITY] Fedora 32 Update: libldb-2.1.5-1.fc32
2021-04-09 15:41:06
[SECURITY] Fedora 34 Update: samba-4.14.2-0.fc34
2021-03-27 00:19:05
cisa
cisa
Samba Releases Security Updates
2021-03-25 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package samba version 4.14.2-alt1
2021-03-25 00:00:00
suse
suse
Security update for ldb (important)
2021-03-25 00:00:00
Security update for samba (important)
2021-09-22 00:00:00
Security update for samba (important)
2021-05-01 00:00:00
ubuntu
ubuntu
ldb vulnerabilities
2021-03-24 00:00:00
ldb vulnerabilities
2021-03-25 00:00:00
freebsd
freebsd
samba -- Multiple Vulnerabilities
2021-03-24 00:00:00
gentoo
gentoo
Samba: Multiple vulnerabilities
2021-05-26 00:00:00
mageia
mageia
Updated samba and ldb packages fix security vulnerabilities
2021-06-25 17:43:41
prion
prion
Out-of-bounds
2021-05-12 15:15:00
Null pointer dereference
2020-07-07 14:15:00
Cross site request forgery (csrf)
2021-05-12 14:15:00
cbl_mariner
cbl_mariner
CVE-2020-27840 affecting package samba 4.12.5-6
2024-10-01 09:12:11
CVE-2021-20277 affecting package libldb for versions less than 2.7.2-1
2024-08-25 16:56:44
CVE-2020-27840 affecting package libldb for versions less than 2.7.2-1
2024-08-25 16:56:44
redhat
redhat
(RHSA-2021:1213) Important: libldb security update
2021-04-15 10:43:20
(RHSA-2020:3119) Moderate: samba security update
2020-07-23 04:26:36
(RHSA-2021:1197) Important: libldb security update
2021-04-14 14:40:08
cvelist
cvelist
oraclelinux
oraclelinux
libldb security update
2021-04-14 00:00:00
libldb security update
2021-04-08 00:00:00
libldb security, bug fix, and enhancement update
2020-11-10 00:00:00
samba
samba
Heap corruption via crafted DN strings
2021-03-24 00:00:00
Out of bounds read in AD DC LDAP server
2021-03-24 00:00:00
ubuntucve
ubuntucve
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2021-03-29 18:11:01
Use-after-Free
2020-07-24 04:08:36
Denial Of Service (DoS)
2021-03-29 17:30:50
alpinelinux
alpinelinux
debiancve
debiancve
nvd
nvd
almalinux
almalinux
Moderate: libldb security, bug fix, and enhancement update
2020-11-03 12:16:33
Important: libldb security update
2021-04-14 14:40:08
cve
cve
CVE-2020-10730
2020-07-07 14:15:10
CVE-2020-27840
2021-05-12 15:15:07
amazon
amazon
Important: libldb
2021-04-20 17:55:00
Important: libldb
2021-04-19 17:26:00
centos
centos
ldb, libldb, pyldb security update
2021-04-10 17:14:31