github
[GHSA-cfw5-v7cw-69cw] Critical severity vulnerability that affects org.apache.directory.api:apache-ldap-api
Updates
- References
- Source code location
Comments
Add a patch https://github.com/apache/directory-ldap-api/commit/075b70a733d7af150b3d85684149ff5f029f7fd, of which the commit message claims Fixed some race condition in LdapConnection when using SSL
Add a patch https://github.com/apache/directory-ldap-api/commit/5faa6a71606a22a7503d401911875ec3a355cac, of which the commit message claims o Bumped up MINA version to 2.0.18 o Added the event() method to switch the handhakeFuture flag when the Handshake is completed o The session is now seen as connected when the sessionCreated event is received o Added some schema parser perf test o Added some LDAP test (ignored)
Hey @MarkLee131, the commits listed seem to be tagged with versions other than the fix version (1.0.2). Can you elaborate on the connection of these commits to this advisory?
👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.
👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.