openldap-2.3.43-12.7.0.1.AXS3

エラータID: AXSA:2011-103:02

Release date: 
Monday, March 21, 2011 - 20:21
Subject: 
openldap-2.3.43-12.7.0.1.AXS3
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP.
Security issues fixed with this release:
CVE-2011-1024
No information available at the time of writing, please refer to the CVE links below.

Solution: 

Update packages.

CVEs: 
CVE-2011-1024
chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server.


Additional Info: 

N/A

Download: 

SRPMS
  1. openldap-2.3.43-12.7.0.1.AXS3.src.rpm
    MD5: d8393e181dafefae9882be8ae96bd28f
    SHA-256: 9adc9269977d7b9435325a212b8e6bc273d316f2dde20a00d15420e0c170c364
    Size: 14.83 MB

Asianux Server 3 for x86
  1. compat-openldap-2.3.43_2.2.29-12.7.0.1.AXS3.i386.rpm
    MD5: a50fe9e2ea8aa8fb29c686a4a66f3858
    SHA-256: eee6ac0f86db2f2eb03a6688fe74f1b8953e11b2aca5aa1edd6106470b938c41
    Size: 259.25 kB
  2. openldap-2.3.43-12.7.0.1.AXS3.i386.rpm
    MD5: 5c2d8c1889fcb56979aa871a69a9444d
    SHA-256: aa872091bf38775b7c4978ea421ec932a47ea9c54211af1919e87c150bb8370b
    Size: 296.52 kB
  3. openldap-clients-2.3.43-12.7.0.1.AXS3.i386.rpm
    MD5: 18503e4250b84f9ecb37f90a8a1591c9
    SHA-256: 5e389663fb8c9e02560af0931e07f3165033d6ef87732d0315c9f64e9654ddd9
    Size: 217.92 kB
  4. openldap-devel-2.3.43-12.7.0.1.AXS3.i386.rpm
    MD5: 2ef476d19f9fe0d043a0864c86592a01
    SHA-256: bfc1b1962d761dd852b046f27dfea4654d33d37a8e6b38fb2185523ddfe67d77
    Size: 1.56 MB
  5. openldap-servers-2.3.43-12.7.0.1.AXS3.i386.rpm
    MD5: f4a4f6bd03321e5fa4dff1e03fda9bff
    SHA-256: aef2fa13c9602c4f38d896306a8506eed4f22ebc9c0dc73da1370c775c910b26
    Size: 3.06 MB
  6. openldap-servers-sql-2.3.43-12.7.0.1.AXS3.i386.rpm
    MD5: 5a16c4c978a6925d481642d5aa148a10
    SHA-256: 96f943483592750a1db92bad576feb8b274d81ecf7648bed3b062b7e6e013ede
    Size: 121.79 kB

Asianux Server 3 for x86_64
  1. compat-openldap-2.3.43_2.2.29-12.7.0.1.AXS3.x86_64.rpm
    MD5: cc74d0ae464c4ce5e87856e25ca468ea
    SHA-256: 45dbb66389c0b6569fa07ebf339c62cf288ab03e4f637b2f2fb54f4dc9cc3cd3
    Size: 266.34 kB
  2. openldap-2.3.43-12.7.0.1.AXS3.x86_64.rpm
    MD5: 49a2ec312a88640e3dc2e3d87dc5a544
    SHA-256: eb3f1324618d75b389f17f71456a870945346b345ec8ce4db2372777242415c6
    Size: 304.48 kB
  3. openldap-clients-2.3.43-12.7.0.1.AXS3.x86_64.rpm
    MD5: 9e8bd113f3c88c8565cc0aa73b7805df
    SHA-256: c8becbafd0440e2e1a5e913a1df780b6fe1d467881ea22f15fb5a898676c6fbe
    Size: 223.40 kB
  4. openldap-devel-2.3.43-12.7.0.1.AXS3.x86_64.rpm
    MD5: 845788a284929bef8e5f609e67ddb0da
    SHA-256: 0dc7a1139c94ba308b26e36994f86d812dbda800a97e086b58a86f2202d9539d
    Size: 1.58 MB
  5. openldap-servers-2.3.43-12.7.0.1.AXS3.x86_64.rpm
    MD5: 345b283025ef1cc4555f2d835e563ae4
    SHA-256: 9b4cf52c492f2a15f41830c4bcbf407b9d9356ed12522c5db4252316ab18f2d7
    Size: 2.19 MB
  6. openldap-servers-sql-2.3.43-12.7.0.1.AXS3.x86_64.rpm
    MD5: dadd3d230bda00a211c8ef22a6f8213a
    SHA-256: 97510516ba89266338ec47c815eb5944e99c876ae4713d2da91e4524c7f52e7b
    Size: 123.96 kB