Rebase package(s) to version: 4.0.5
CVE-2018-1000134 has been fixed in 4.0.5 release of the UnboundID LDAP SDK for Java. A blog post has been written covering the details of this CVE and is available at https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-java/
Further bugfixing and improvements are detailed in 4.0.5 release notes at https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5
sudo dnf upgrade --advisory=FEDORA-2018-e8635ed222
Please login to add feedback.