nss_ldap-253-3.1AXS3
エラータID: AXSA:2008-84:01
Release date:
Monday, September 22, 2008 - 20:52
Subject:
nss_ldap-253-3.1AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Severity:
Moderate
Description:
Description of problem:
The nss_ldap package contains the nss_ldap and pam_ldap modules. The nss_ldap module is a plug-in which allows applications to retrieve information about users and groups from a directory server. The pam_ldap module allows PAM-aware applications to use a directory server to verify user passwords.
Solution:
Update packages
CVEs:
CVE-2007-5794
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected.
Additional Info:
N/A
Download:
Asianux Server 3 for x86
- nss_ldap-253-3.1AXS3.i386.rpm
MD5: 76f05bdb191060b791cfe510ff5724cd
SHA-256: ba5e25897bfdf43e469c8bd45ba4892ee498e49450e08ce6038e0716fee419a5
Size: 1.41 MB
Asianux Server 3 for x86_64
- nss_ldap-253-3.1AXS3.x86_64.rpm
MD5: 7c6fa3691b862285df2849f2b7b4de5f
SHA-256: 7d3ab4fef521692dacb94dc902d730a4791a564723c2c07851bafff6c1604d7e
Size: 1.38 MB