[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[SECURITY] Fedora 7 Update: openldap-2.3.34-4.fc7



--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3124
2007-11-20 17:47:39.443213
--------------------------------------------------------------------------------

Name        : openldap
Product     : Fedora 7
Version     : 2.3.34
Release     : 4.fc7
URL         : http://www.openldap.org/
Summary     : The configuration files, libraries, and documentation for OpenLDAP
Description :
OpenLDAP is an open source suite of LDAP (Lightweight Directory Access
Protocol) applications and development tools. LDAP is a set of
protocols for accessing directory services (usually phone book style
information, but other information is possible) over the Internet,
similar to the way DNS (Domain Name System) information is propagated
over the Internet. The openldap package contains configuration files,
libraries, and documentation for OpenLDAP.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Nov  2 2007 Jan Safranek <jsafranek redhat com> 2.3.34-4.fc7
- fix various security flaws (#360081)
* Fri Jul 13 2007 Jan Safranek <jsafranek redhat com> 2.3.34-3.fc7
- Fix initscript return codes (#242667)
- Provide overlays including smbk5pwd (as modules; #246036, #245896, #220895)
- Add available modules to config file
- do not create script in /tmp on startup (bz#188298)
- add compat-slapcat to openldap-compat (bz#179378)
- do not import ddp services with migrate_services.pl
  (bz#201183)
- sort the hosts by address, preventing duplicities
  in migrate*nis*.pl (bz#201540)
- start slupd for each replicated database (bz#210155)
- add ldconfig to devel post/postun (bz#240253)
- include misc.schema in default slapd.conf (bz#147805)
* Mon Apr 23 2007 Jan Safranek <jsafranek redhat com> 2.3.34-2.fc7
- slapadd during package update is now quiet (bz#224581)
- use _localstatedir instead of var/ during build (bz#220970)
- bind-libbind-devel removed from BuildRequires (bz#216851)
- slaptest is now quiet during service ldap start, if
  there is no error/warning (bz#143697)
- libldap_r.so now links with pthread (bz#198226)
- do not strip binaries to produce correct .debuginfo packages
  (bz#152516)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #360081 - CVE-2007-5707 CVE-2007-5708 openldap various flaws [F7]
        https://bugzilla.redhat.com/show_bug.cgi?id=360081
  [ 2 ] Bug #359861 - CVE-2007-5708 openldap slapd pcache overlay DoS via non-null teminated string
        https://bugzilla.redhat.com/show_bug.cgi?id=359861
  [ 3 ] Bug #359851 - CVE-2007-5707 openldap slapd DoS via objectClasses attribute
        https://bugzilla.redhat.com/show_bug.cgi?id=359851
  [ 4 ] CVE-2007-5707
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5707
  [ 5 ] CVE-2007-5708
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5708
--------------------------------------------------------------------------------
Updated packages:

f9696ad13439140de92a68b80a507baf6830524c openldap-devel-2.3.34-4.fc7.ppc64.rpm
89e3c4f06df30bf99f6e7fde7e7efc9b0c70579d openldap-2.3.34-4.fc7.ppc64.rpm
0d7dc04c6517b4021b15339b9cec18b67a035b4f openldap-servers-sql-2.3.34-4.fc7.ppc64.rpm
d7671aa239e85528b2e28d229a98cf01db62b114 compat-openldap-2.3.34_2.2.29-4.fc7.ppc64.rpm
1e3ee7e4821d23f07daa29d9d60c1ad2583426d6 openldap-servers-2.3.34-4.fc7.ppc64.rpm
9972f80187ae6983b08f46b6c1ea3a90e29486b5 openldap-debuginfo-2.3.34-4.fc7.ppc64.rpm
ffa95a11b24434c9e83f3e18aa218444cade9e1b openldap-clients-2.3.34-4.fc7.ppc64.rpm
3236da1732e025bf033435ce2ee43affcb82ce95 openldap-servers-sql-2.3.34-4.fc7.i386.rpm
6d3ecc623d714d28c2e8f9674ed07799e7777d53 openldap-2.3.34-4.fc7.i386.rpm
4a29334d696ca2c3f4cafc7f8a12598ef894aa9f openldap-servers-2.3.34-4.fc7.i386.rpm
a507ef511f0124cf13ddcf4f93b73fa352b31ef6 openldap-devel-2.3.34-4.fc7.i386.rpm
723000a099d1f9865db5f93632faa83fdffbf01c openldap-clients-2.3.34-4.fc7.i386.rpm
ac6c3e7ab1101be2fae6f489934c9bcd52efe5e1 compat-openldap-2.3.34_2.2.29-4.fc7.i386.rpm
b77f0ad77f23b17b04facf1632025d8683a9a7fb openldap-debuginfo-2.3.34-4.fc7.i386.rpm
29bca3d3b8fc523897cc12b0eaf51918b7bcd913 openldap-devel-2.3.34-4.fc7.x86_64.rpm
af06d738f8245f6e352b34b279b455b8c3843496 openldap-servers-2.3.34-4.fc7.x86_64.rpm
bbbfb28e1dd87e6a784fce14a13c1ed5b32233cf openldap-2.3.34-4.fc7.x86_64.rpm
e36fc33bb1cd1c1e5b118daffdd40e8364e0aa82 openldap-servers-sql-2.3.34-4.fc7.x86_64.rpm
d8bb6917a10e8ead905ab5588a2087a225823f2a openldap-debuginfo-2.3.34-4.fc7.x86_64.rpm
dfcf8316819e8e6d460966504fe6116f02689b83 compat-openldap-2.3.34_2.2.29-4.fc7.x86_64.rpm
fe7dcc47bd6f6faee43d868a5ff110d53e507bc0 openldap-clients-2.3.34-4.fc7.x86_64.rpm
e67c4d0846065f538b87b31bd0603412edf5f927 openldap-servers-2.3.34-4.fc7.ppc.rpm
78c9672a67fe4b52af26f1a035313d2edda12c15 openldap-servers-sql-2.3.34-4.fc7.ppc.rpm
8792e63c63cacba61e9af019a66fc8f62be767ec openldap-2.3.34-4.fc7.ppc.rpm
10d18f504a6ac3184fa33a99fca806b31b3a03f5 openldap-clients-2.3.34-4.fc7.ppc.rpm
b98bfa192ae7c5360f53ebc49e0abc1c7ddb1756 openldap-devel-2.3.34-4.fc7.ppc.rpm
debd40ab305eb19b7b476f46ab6f579afb758dfa compat-openldap-2.3.34_2.2.29-4.fc7.ppc.rpm
bae3922b13dcc83442609651f04ff9dc0437afcb openldap-debuginfo-2.3.34-4.fc7.ppc.rpm
c3d984d11cd9ac3beee4388d23e95200ac7d2626 openldap-2.3.34-4.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update openldap' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]