Advisories ยป MGASA-2020-0407

Updated openldap packages fix a security vulnerability

Publication date: 10 Nov 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-25692


A vulnerability in the handling of normalization with modrdn was discovered in
OpenLDAP. An unauthenticated remote attacker can use this flaw to cause a
denial of service (slapd daemon crash) via a specially crafted packet

Also, the PID file path in the systemd service was fixed to use /run as the$
parent, rather than /var/run, eliminating warning messages in the logs.