{"affected":[],"aliases":[],"details":"\nopenldap2 was updated to fix three security issues and one non-security \nbug.\n\nThe following vulnerabilities were fixed:\n\n    * A remote attacker could cause a denial of service (slapd crash) by\n      unbinding immediately after a search request. (bnc#846389,\n      CVE-2013-4449)\n    * A remote attacker could cause a denial of service through a NULL\n      pointer dereference and crash via an empty attribute list in a deref\n      control in a search request. (bnc#916897, CVE-2015-1545)\n    * A remote attacker could cause a denial of service (crash) via a\n      crafted search query with a matched values control. (bnc#916914,\n      CVE-2015-1546)\n\nThe following non-security bug was fixed:\n\n    * Prevent connection-0 (internal connection) from showing up in the\n      monitor back-end. (bnc#905959)\n\nSecurity Issues:\n\n    * CVE-2015-1546\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1546>\n    * CVE-2015-1545\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1545>\n    * CVE-2013-4449\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4449>\n\n","id":"SUSE-SU-2015:0887-1","modified":"2015-04-13T12:35:26Z","published":"2015-04-13T12:35:26Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150887-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/846389"},{"type":"REPORT","url":"https://bugzilla.suse.com/905959"},{"type":"REPORT","url":"https://bugzilla.suse.com/916897"},{"type":"REPORT","url":"https://bugzilla.suse.com/916914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4449"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1545"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1546"}],"related":["CVE-2013-4449","CVE-2015-1545","CVE-2015-1546"],"summary":"Security update for openldap2","upstream":["CVE-2013-4449","CVE-2015-1545","CVE-2015-1546"]}