A ldb security update has been released for Debian GNU/Linux 8 Extended LTS to address two security issues.
ELA-393-1 ldb security update
ELA-393-1 ldb security update
Package ldb
Version 2:1.1.20-0+deb8u3
Related CVEs CVE-2020-27840 CVE-2021-20277
Two issues have been found in ldb, an LDAP-like embedded database, for example used with samba.
Both issues are related to out of bounds access, either an out of bound read or a heap corrupton, both most likely leading to an application crash.
For Debian 8 jessie, these problems have been fixed in version 2:1.1.20-0+deb8u3.
We recommend that you upgrade your ldb packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
