{"affected":[{"ecosystem_specific":{"binaries":[{"ldb-tools":"2.0.12-lp152.2.9.1","libldb-devel":"2.0.12-lp152.2.9.1","libldb2":"2.0.12-lp152.2.9.1","libldb2-32bit":"2.0.12-lp152.2.9.1","python3-ldb":"2.0.12-lp152.2.9.1","python3-ldb-32bit":"2.0.12-lp152.2.9.1","python3-ldb-devel":"2.0.12-lp152.2.9.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"ldb","purl":"pkg:rpm/opensuse/ldb&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.12-lp152.2.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for ldb fixes the following issues:\n\n- CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs (bsc#1183572).\n- CVE-2021-20277: Fixed an out of bounds read in ldb_handler_fold (bsc#1183574).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.","id":"openSUSE-SU-2021:0469-1","modified":"2021-03-25T08:10:39Z","published":"2021-03-25T08:10:39Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QLNA72I7E6KKMIQOHXHYRPDYGMW5KH4K/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1183572"},{"type":"REPORT","url":"https://bugzilla.suse.com/1183574"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-27840"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-20277"}],"related":["CVE-2020-27840","CVE-2021-20277"],"summary":"Security update for ldb","upstream":["CVE-2020-27840","CVE-2021-20277"]}