Debian 10226 Published by

A ldb security update has been released for Debian GNU/Linux 8 Extended LTS to address two security issues.



ELA-393-1 ldb security update


Package ldb
Version 2:1.1.20-0+deb8u3
Related CVEs CVE-2020-27840 CVE-2021-20277
Two issues have been found in ldb, an LDAP-like embedded database, for example used with samba.

Both issues are related to out of bounds access, either an out of bound read or a heap corrupton, both most likely leading to an application crash.

For Debian 8 jessie, these problems have been fixed in version 2:1.1.20-0+deb8u3.

We recommend that you upgrade your ldb packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-393-1 ldb security update