On Thu, Apr 21, 2016 at 02:57:48PM -0400, Leo Famulari wrote: > There is a remote denial of service bug in OpenLDAP in version 2.4.42 > and earlier [0]. > > This patch updates OpenLDAP to the latest version. > > This change will require several hundred packages to be rebuilt. Should > it go on security-updates? Your advice requested...
Fixed on master, with a graft, as 80c13759745. > > [0] > https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-6908 > > Leo Famulari (1): > gnu: openldap: Update to 2.4.44 [fixes CVE-2015-6908]. > > gnu/packages/openldap.scm | 5 +++-- > 1 file changed, 3 insertions(+), 2 deletions(-) > > -- > 2.7.4 >
