Описание
ELSA-2008-0389: nss_ldap security and bug fix update (LOW)
[253-12]
- rebuild
[253-11]
- backport changes to group parsing from version 254 to fix heap corruption when parsing nested groups (#444031)
[253-10]
- remove unnecessary nss_ldap linkage to libnsl (part of #427370)
[253-9]
- rebuild
[253-8]
- incorporate Tomas Janouseks fix to prevent re-use of connections across fork() (#252337)
[253-7]
- add keyutils-libs-devel and libselinux-devel as a buildrequires: in order to static link with newer Kerberos (#427370)
[253-6]
- suppress password-expired errors encountered during referral chases during modify requests (#335661)
- interpret server-supplied policy controls when chasing referrals, so that we dont give up when following a referral for a password change after reset (#335661)
- dont attempt to change the password using ldap_modify if the password change mode is 'exop_send_old' (we already didnt for 'exop') (#364501)
- dont drop the supplied password if the directory server indicates that the password needs to be changed because its just been reset: we may need it to chase a referral later (#335661)
- correctly detect libresolv and build a URI using discovered settings, so that server discovery can work again (#254172)
- honor the 'port' setting again by correctly detecting when a URI doesnt already specify one (#326351)
Обновленные пакеты
Oracle Linux 5
Oracle Linux x86_64
nss_ldap
253-12.el5
Oracle Linux i386
nss_ldap
253-12.el5
Связанные CVE
Связанные уязвимости
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
Race condition in nss_ldap, when used in applications that are linked ...
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.