[SECURITY] Fedora 8 Update: fedora-ds-base-1.1.2-1.fc8

updates at fedoraproject.org updates at fedoraproject.org
Thu Sep 11 17:05:00 UTC 2008


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-7891
2008-09-11 11:00:00
--------------------------------------------------------------------------------

Name        : fedora-ds-base
Product     : Fedora 8
Version     : 1.1.2
Release     : 1.fc8
URL         : http://directory.fedoraproject.org/
Summary     : Fedora Directory Server (base)
Description :
Fedora Directory Server is an LDAPv3 compliant server.  The base package includes
the LDAP server and command line utilities for server administration.

--------------------------------------------------------------------------------
Update Information:

This is the release of Fedora Directory Server 1.1.2.    Security issues
addressed:  CVE-2008-2930 CVE-2008-3283    In addition to the CVEs listed above,
this release fixes the following list of bugs:
https://bugzilla.redhat.com/showdependencytree.cgi?id=452721&hide_resolved=0
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun 13 2008 Rich Megginson <rmeggins at redhat.com> - 1.1.2-1
- This is the 1.1.2 release.  The bugs fixed can be found here
- https://bugzilla.redhat.com/showdependencytree.cgi?id=452721
- Added winsync-plugin.h to the devel subpackage
* Fri May 23 2008 Rich Megginson <rmeggins at redhat.com> - 1.1.1-1
- 1.1.1 release candidate - several bug fixes
* Thu Dec 20 2007 Rich Megginson <rmeggins at redhat.com> - 1.1.0-3
- This is the GA release of Fedora DS 1.1
- Removed version numbers for BuildRequires and Requires
- Added full URL to source tarball
* Wed Nov  7 2007 Rich Megginson <rmeggins at redhat.com> - 1.1.0-2.0
- This is the beta2 release
- new file added to package - /etc/sysconfig/dirsrv - for setting
- daemon environment as is usual in other linux daemons
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #454065 - CVE-2008-2930 Directory Server: temporary DoS via crafted pattern searches
        https://bugzilla.redhat.com/show_bug.cgi?id=454065
  [ 2 ] Bug #458977 - CVE-2008-3283 Directory Server: multiple memory leaks
        https://bugzilla.redhat.com/show_bug.cgi?id=458977
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update fedora-ds-base' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------




More information about the Fedora-package-announce mailing list