Description
ELSA-2010-0198: openldap security and bug fix update (MODERATE)
[2.3.43-12]
- updated spec file, so the compat-libs linking patch applies correctly
[2.3.43-11]
- backported patch to handle null character in TLS certificates (#560912)
[2.3.43-10]
- updated chase-referral patch to compile cleanly
- updated init script (#562714)
[2.3.43-9]
- updated ldap.sysconf to include SLAPD_LDAP, SLAPD_LDAPS and SLAPD_LDAPI options (#559520)
[2.3.43-8]
- fixed connection freeze when TLSVerifyClient = allow (#509230)
[2.3.43-7]
- fixed chasing referrals in libldap (#510522)
[2.3.43-6]
- fixed possible double free() in rwm overlay (#495628)
- updated slapd man page and slapcat usage string (#468206)
- updated default config for slapd - deleted syncprov module (#466937)
- fixed migration tools autofs generated format (#460331)
- fixed migration tools numbers detection in /etc/shadow (#113857)
- fixed migration tools base ldif (#104585)
[2.3.43-5]
- implementation of limit adjustment before starting slapd (#527313)
- init script no longer executes script in /tmp (#483356)
- slapd not starting with ldap:/// every time (#481003)
- delay between TERM and KILL when shutting down slapd (#452064)
[2.3.43-4]
- fixed compat libs linking (#503734)
- activated lightweight dispatcher feature (#507276)
- detection of timeout after failed result (#495701)
Updated packages
Oracle Linux 5

Oracle Linux ia64
compat-openldap            2.3.43_2.2.29-12.el5
openldap                   2.3.43-12.el5
openldap-clients           2.3.43-12.el5
openldap-devel             2.3.43-12.el5
openldap-servers           2.3.43-12.el5
openldap-servers-overlays  2.3.43-12.el5
openldap-servers-sql       2.3.43-12.el5

Oracle Linux x86_64
compat-openldap            2.3.43_2.2.29-12.el5
openldap                   2.3.43-12.el5
openldap-clients           2.3.43-12.el5
openldap-devel             2.3.43-12.el5
openldap-servers           2.3.43-12.el5
openldap-servers-overlays  2.3.43-12.el5
openldap-servers-sql       2.3.43-12.el5

Oracle Linux i386
compat-openldap            2.3.43_2.2.29-12.el5
openldap                   2.3.43-12.el5
openldap-clients           2.3.43-12.el5
openldap-devel             2.3.43-12.el5
openldap-servers           2.3.43-12.el5
openldap-servers-overlays  2.3.43-12.el5
openldap-servers-sql       2.3.43-12.el5
Related CVEs
Related vulnerabilities
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
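The name check described above, as an added example (not OpenLDAP's code and not the backported patch): a CN compared as a C string beside a comparison that uses the encoded length and refuses embedded '\0'. The `cn_value` type, the function names and the sample host names are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Hypothetical type: a CN as decoded from the certificate, where the
 * length comes from the ASN.1 encoding, not from a terminating '\0'. */
struct cn_value { const char *data; size_t len; };

/* Flawed pattern: the CN is treated as a C string, so the comparison
 * stops at the first '\0' and never sees the bytes after it. */
int cn_matches_naive(const struct cn_value *cn, const char *host)
{
    return strcasecmp(cn->data, host) == 0;
}

/* Hardened pattern: refuse any CN with an embedded '\0', then require
 * the full encoded length to equal the expected host name. */
int cn_matches_strict(const struct cn_value *cn, const char *host)
{
    size_t host_len = strlen(host);

    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;
    if (cn->len != host_len)
        return 0;
    return strncasecmp(cn->data, host, host_len) == 0;
}

/* Constructed sample values, not taken from any real certificate. */
static const char plain_cn[]   = "ldap.example.com";
static const char crafted_cn[] = "ldap.example.com\0.other.example";
const struct cn_value sample_plain   = { plain_cn,   sizeof plain_cn - 1 };
const struct cn_value sample_crafted = { crafted_cn, sizeof crafted_cn - 1 };

int main(void)
{
    const char *host = "ldap.example.com";

    printf("plain   naive=%d strict=%d\n",
           cn_matches_naive(&sample_plain, host),
           cn_matches_strict(&sample_plain, host));
    printf("crafted naive=%d strict=%d\n",
           cn_matches_naive(&sample_crafted, host),
           cn_matches_strict(&sample_crafted, host));
    return 0;
}
```

The naive comparison accepts the crafted value because it only sees the bytes before the '\0'; the strict one rejects it while still accepting the plain name case-insensitively.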