——————————————————————————–
Fedora Update Notification
FEDORA-2018-c188d3f09a
2018-03-29 15:52:12.354046
——————————————————————————–

Name : unboundid-ldapsdk
Product : Fedora 26
Version : 4.0.5
Release : 1.fc26
URL : https://www.ldap.com/unboundid-ldap-sdk-for-java
Summary : UnboundID LDAP SDK for Java
Description :
The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and
completely free Java library for communicating with LDAP directory servers and
performing related tasks like reading and writing LDIF, encoding and
decoding data using base64 and ASN.1 BER, and performing secure communication.

——————————————————————————–
Update Information:

Rebase package(s) to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5
release of the UnboundID LDAP SDK for Java. A blog post has been written
covering the details of this CVE and is available at
https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-
java/ Further bugfixing and improvements are detailed in 4.0.5 release notes at
https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5
——————————————————————————–
References:

[ 1 ] Bug #1557531 – CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class
https://bugzilla.redhat.com/show_bug.cgi?id=1557531
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade unboundid-ldapsdk’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-0a473d6e7b
2018-03-29 16:19:28.320262
——————————————————————————–

Name : unboundid-ldapsdk
Product : Fedora 27
Version : 4.0.5
Release : 1.fc27
URL : https://www.ldap.com/unboundid-ldap-sdk-for-java
Summary : UnboundID LDAP SDK for Java
Description :
The UnboundID LDAP SDK for Java is a fast, powerful, user-friendly, and
completely free Java library for communicating with LDAP directory servers and
performing related tasks like reading and writing LDIF, encoding and
decoding data using base64 and ASN.1 BER, and performing secure communication.

——————————————————————————–
Update Information:

Rebase package(s) to version: 4.0.5 CVE-2018-1000134 has been fixed in 4.0.5
release of the UnboundID LDAP SDK for Java. A blog post has been written
covering the details of this CVE and is available at
https://nawilson.com/2018/03/19/cve-2018-1000134-and-the-unboundid-ldap-sdk-for-
java/ Further bugfixing and improvements are detailed in 4.0.5 release notes at
https://github.com/pingidentity/ldapsdk/releases/tag/4.0.5
——————————————————————————–
References:

[ 1 ] Bug #1557531 – CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class
https://bugzilla.redhat.com/show_bug.cgi?id=1557531
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade unboundid-ldapsdk’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org