Thorsten Kukuk

Name of the Vulnerable Software and Affected Versions: openldap2 versions prior to 2.4.46-9.37.1 in SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1 in SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-lp151.10.18.1 in openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp152.14.9.1 in openSUSE Leap 15.2 Description: A temporary file vulnerability in openldap2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration. Recommendations: For SUSE Linux Enterprise Server 15-LTSS, update openldap2 to version 2.4.46-9.37.1 or later. For SUSE Linux Enterprise Server for SAP 15, update openldap2 to version 2.4.46-9.37.1 or later. For openSUSE Leap 15.1, update openldap2 to version 2.4.46-lp151.10.18.1 or later. For openSUSE Leap 15.2, update openldap2 to version 2.4.46-lp152.14.9.1 or later.