openSUSE Security Update : openldap2 (openldap2-145)
Medium Nessus Plugin ID 40084
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update fixes a security problem in the liblber client library of openldap that allowed remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams, which triggers an assertion error. (CVE-2008-2952) Additionally a bug was fixed in ldap_free_connection which could result in client crashes when the server closed a connection while an operation is active.
SolutionUpdate the affected openldap2 packages.