Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1559819
It is possible to crash ns-slapd (and ipa-dnskeysyncd afterwards) with crafted ldapsearch query with very long filter value both as anonymous or authenticated user. The crash can be similarly triggered with a query via the FreeIPA API as an authenticated user.
Metadata Update from @mreynolds: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1559819
Metadata Update from @mreynolds: - Issue assigned to mreynolds
d77c7f0..9d8d096 master -> master
eb08d43..a589008 389-ds-base-1.3.8 -> 389-ds-base-1.3.8
8bdcfa4..056d75c 389-ds-base-1.3.7 -> 389-ds-base-1.3.7
99ba446..62ac4ec 389-ds-base-1.3.6 -> 389-ds-base-1.3.6
f4a76bb..2728983 389-ds-base-1.2.11 -> 389-ds-base-1.2.11
Metadata Update from @mreynolds: - Custom field component adjusted to None - Custom field origin adjusted to None - Custom field reviewstatus adjusted to None - Custom field type adjusted to None - Custom field version adjusted to None - Issue close_status updated to: fixed - Issue set to the milestone: 1.2.11 (was: 0.0 NEEDS_TRIAGE) - Issue status updated to: Closed (was: Open)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/2720
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: fixed)
Login to comment on this ticket.