USN-4352-2: OpenLDAP vulnerability

Q: What is the severity of USN-4352-2?

The severity of USN-4352-2 is not specified.

Q: How do I fix USN-4352-2?

To fix USN-4352-2, update the OpenLDAP package to version 2.4.31-1+nmu2ubuntu8.5+esm2 for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

Q: What is the affected software for USN-4352-2?

The affected software for USN-4352-2 is Ubuntu 12.04 and Ubuntu 14.04.

Q: Where can I find more information about USN-4352-2?

More information about USN-4352-2 can be found at the following references: - [CVE-2020-12243](https://ubuntu.com/security/CVE-2020-12243) - [USN-4352-1](https://ubuntu.com/security/notices/USN-4352-1) - [Ubuntu OpenLDAP Security Notices](https://launchpad.net/ubuntu/+source/openldap/2.4.31-1+nmu2ubuntu8.5+esm2)

Published May 6, 2020

Updated

USN-4352-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service.

Affected Software

4 affected componentsFixes available

All of the following

ubuntu/slapd<2.4.31-1+nmu2ubuntu8.5+esm2

2.4.31-1+nmu2ubuntu8.5+esm2

Ubuntu Ubuntu=14.04

All of the following

ubuntu/slapd<2.4.28-1.1ubuntu4.10

2.4.28-1.1ubuntu4.10

Ubuntu Ubuntu=12.04

Event History

May 6, 2020

Advisory Published

via Ubuntu·12:00 AM

Child vulnerabilities

Contains the following vulnerabilities.

CVE-2020-12243

Frequently Asked Questions

What is the severity of USN-4352-2?

The severity of USN-4352-2 is not specified.

How do I fix USN-4352-2?

To fix USN-4352-2, update the OpenLDAP package to version 2.4.31-1+nmu2ubuntu8.5+esm2 for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

What is the affected software for USN-4352-2?

The affected software for USN-4352-2 is Ubuntu 12.04 and Ubuntu 14.04.

Where can I find more information about USN-4352-2?