CVE-2015-3276 (retired)

Priority
Description
The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP
does not properly parse OpenSSL-style multi-keyword mode cipher strings,
which might cause a weaker than intended cipher to be used and allow remote
attackers to have unspecified impact via unknown vectors.
Notes
mdeslauron Debian/Ubuntu, openldap is built with GnuTLS, not NSS
Package
Upstream:needs-triage
More Information

Updated: 2019-10-09 07:52:51 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)