An update for openldap is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2023-1334 Final 1.0 1.0 2023-06-10 Initial 2023-06-10 2023-06-10 openEuler SA Tool V1.0 2023-06-10 openldap security update An update for openldap is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1. OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. Security Fix(es): A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.(CVE-2023-2953) An update for openldap is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3,openEuler-22.03-LTS and openEuler-22.03-LTS-SP1. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High openldap https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1334 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2023-2953 https://nvd.nist.gov/vuln/detail/CVE-2023-2953 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 openldap-clients-2.4.50-8.oe1.aarch64.rpm openldap-debugsource-2.4.50-8.oe1.aarch64.rpm openldap-debuginfo-2.4.50-8.oe1.aarch64.rpm openldap-devel-2.4.50-8.oe1.aarch64.rpm openldap-2.4.50-8.oe1.aarch64.rpm openldap-servers-2.4.50-8.oe1.aarch64.rpm openldap-clients-2.4.50-8.oe1.aarch64.rpm openldap-servers-2.4.50-8.oe1.aarch64.rpm openldap-2.4.50-8.oe1.aarch64.rpm openldap-debugsource-2.4.50-8.oe1.aarch64.rpm openldap-devel-2.4.50-8.oe1.aarch64.rpm openldap-debuginfo-2.4.50-8.oe1.aarch64.rpm openldap-devel-2.6.0-5.oe2203.aarch64.rpm openldap-2.6.0-5.oe2203.aarch64.rpm openldap-debugsource-2.6.0-5.oe2203.aarch64.rpm openldap-servers-2.6.0-5.oe2203.aarch64.rpm openldap-debuginfo-2.6.0-5.oe2203.aarch64.rpm openldap-clients-2.6.0-5.oe2203.aarch64.rpm openldap-2.6.0-6.oe2203sp1.aarch64.rpm openldap-clients-2.6.0-6.oe2203sp1.aarch64.rpm openldap-devel-2.6.0-6.oe2203sp1.aarch64.rpm openldap-servers-2.6.0-6.oe2203sp1.aarch64.rpm openldap-debugsource-2.6.0-6.oe2203sp1.aarch64.rpm openldap-debuginfo-2.6.0-6.oe2203sp1.aarch64.rpm openldap-help-2.4.50-8.oe1.noarch.rpm openldap-help-2.4.50-8.oe1.noarch.rpm openldap-help-2.6.0-5.oe2203.noarch.rpm openldap-help-2.6.0-6.oe2203sp1.noarch.rpm openldap-2.4.50-8.oe1.src.rpm openldap-2.4.50-8.oe1.src.rpm openldap-2.6.0-5.oe2203.src.rpm openldap-2.6.0-6.oe2203sp1.src.rpm openldap-debugsource-2.4.50-8.oe1.x86_64.rpm openldap-clients-2.4.50-8.oe1.x86_64.rpm openldap-2.4.50-8.oe1.x86_64.rpm openldap-devel-2.4.50-8.oe1.x86_64.rpm openldap-servers-2.4.50-8.oe1.x86_64.rpm openldap-debuginfo-2.4.50-8.oe1.x86_64.rpm openldap-debugsource-2.4.50-8.oe1.x86_64.rpm openldap-servers-2.4.50-8.oe1.x86_64.rpm openldap-devel-2.4.50-8.oe1.x86_64.rpm openldap-2.4.50-8.oe1.x86_64.rpm openldap-debuginfo-2.4.50-8.oe1.x86_64.rpm openldap-clients-2.4.50-8.oe1.x86_64.rpm openldap-debuginfo-2.6.0-5.oe2203.x86_64.rpm openldap-devel-2.6.0-5.oe2203.x86_64.rpm openldap-clients-2.6.0-5.oe2203.x86_64.rpm openldap-servers-2.6.0-5.oe2203.x86_64.rpm openldap-debugsource-2.6.0-5.oe2203.x86_64.rpm openldap-2.6.0-5.oe2203.x86_64.rpm openldap-debuginfo-2.6.0-6.oe2203sp1.x86_64.rpm openldap-2.6.0-6.oe2203sp1.x86_64.rpm openldap-debugsource-2.6.0-6.oe2203sp1.x86_64.rpm openldap-clients-2.6.0-6.oe2203sp1.x86_64.rpm openldap-devel-2.6.0-6.oe2203sp1.x86_64.rpm openldap-servers-2.6.0-6.oe2203sp1.x86_64.rpm A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. 2023-06-10 CVE-2023-2953 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS openEuler-22.03-LTS-SP1 High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H openldap security update 2023-06-10 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1334