Описание
ELSA-2011-0346: openldap security and bug fix update (MODERATE)
[2.3.43-12.7]
- fix: CVE-2011-1024 ppolicy forwarded bind failure messages cause success (#680484)
[2.3.43-12.6]
- fix: slapd concurrent access to connections causes slapd to silently die (#677611)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
compat-openldap
2.3.43_2.2.29-12.el5_6.7
openldap
2.3.43-12.el5_6.7
openldap-clients
2.3.43-12.el5_6.7
openldap-devel
2.3.43-12.el5_6.7
openldap-servers
2.3.43-12.el5_6.7
openldap-servers-overlays
2.3.43-12.el5_6.7
openldap-servers-sql
2.3.43-12.el5_6.7
Oracle Linux x86_64
compat-openldap
2.3.43_2.2.29-12.el5_6.7
openldap
2.3.43-12.el5_6.7
openldap-clients
2.3.43-12.el5_6.7
openldap-devel
2.3.43-12.el5_6.7
openldap-servers
2.3.43-12.el5_6.7
openldap-servers-overlays
2.3.43-12.el5_6.7
openldap-servers-sql
2.3.43-12.el5_6.7
Oracle Linux i386
compat-openldap
2.3.43_2.2.29-12.el5_6.7
openldap
2.3.43-12.el5_6.7
openldap-clients
2.3.43-12.el5_6.7
openldap-devel
2.3.43-12.el5_6.7
openldap-servers
2.3.43-12.el5_6.7
openldap-servers-overlays
2.3.43-12.el5_6.7
openldap-servers-sql
2.3.43-12.el5_6.7
Связанные CVE
Связанные уязвимости
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-sl ...
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.