FEDORA-2018-e8635ed222

security update in Fedora 28 for unboundid-ldapsdk

Status: stable a year ago

Rebase package(s) to version: 4.0.5

CVE-2018-1000134 has been fixed in 4.0.5 release of the UnboundID LDAP SDK for Java. A blog post has been written covering the details of this CVE and is available at https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-java/

Further bugfixing and improvements are detailed in 4.0.5 release notes at https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5

Comments 8

This update has been submitted for testing by sbonazzo.

This update has been pushed to testing.

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by sbonazzo.

This update has been submitted for stable by bodhi.

This update has been submitted for batched by sbonazzo.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago

Related Bugs 3

00 #1557531 CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class
00 #1557532 CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class [fedora-all]
00 #1557972 unboundid-ldapsdk-4.0.5 is available

Automated Test Results