Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories


Red Hat Enterprise Linux: RHSA-2020-0464-01 Important Update for 389-DS

====================================================================
Red Hat Security Advisory

Synopsis:      Important: 389-ds:1.4 security update
Advisory ID:   RHSA-2020:0464-01
Product:       Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2020:0464
Issue date:    2020-02-10
CVE Names:     CVE-2019-14824
====================================================================

1. Summary:

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream E4S (v. 8.0) - noarch, ppc64le, x86_64

3. Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* 389-ds-base: Read permission check bypass via the deref plugin (CVE-2019-14824)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1747448 - CVE-2019-14824 389-ds-base: Read permission check bypass via the deref plugin

6. Package List:

Red Hat Enterprise Linux AppStream E4S (v. 8.0):

Source:
389-ds-base-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.src.rpm

noarch:
python3-lib389-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.noarch.rpm

ppc64le:
389-ds-base-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-debugsource-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-devel-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-legacy-tools-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-legacy-tools-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-libs-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-libs-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-snmp-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm
389-ds-base-snmp-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.ppc64le.rpm

x86_64:
389-ds-base-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-debugsource-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-devel-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-legacy-tools-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-legacy-tools-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-libs-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-libs-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-snmp-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm
389-ds-base-snmp-debuginfo-1.4.0.20-10.1.module+el8.0.0+4597+364a3066.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2019-14824
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2020 Red Hat, Inc.

--
RHSA-announce mailing list

Uncover the significant 389-ds:1.4 patch for Red Hat Enterprise Linux tackling a critical read access bypass vulnerability.
Tags: Red Hat Enterprise Linux, 389-ds update, directory service security, LDAP vulnerabilities.
Severity: Important. LinuxSecurity.com Team

Feb 10, 2020 | Important | Red Hat

Debian: DLA-1891-1 Critical: OpenLDAP Access Control Issues

Package        : openldap
Version        : 2.4.40+dfsg-1+deb8u5
CVE ID         : CVE-2019-13057 CVE-2019-13565
Debian Bug     : 932997 932998

Several security vulnerabilities were discovered in openldap, a server and tools to provide a standalone directory service.

CVE-2019-13057

    When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)

CVE-2019-13565

    When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user.

For Debian 8 "Jessie", these problems have been fixed in version 2.4.40+dfsg-1+deb8u5.

We recommend that you upgrade your openldap packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

OpenLDAP security patch addresses several vulnerabilities, notably inadequate segregation and access control weaknesses.
Tags: OpenLDAP Update, Debian Security Fix, Authentication Issues, Directory Service Vulnerabilities.
Severity: Critical. LinuxSecurity.com Team

Aug 18, 2019 | Critical | Debian LTS

SciLinux: SLSA-2018-1380-1 Critical: 389-DS-Base Crash Fix via LDAPsearch

Synopsis:      Important: 389-ds-base security and bug fix update
Advisory ID:   SLSA-2018:1380-1
Issue Date:    2018-05-15
CVE Numbers:   CVE-2018-1089
--

Security Fix(es):

* 389-ds-base: ns-slapd crash via large filter value in ldapsearch (CVE-2018-1089)

Bug Fix(es):

* Indexing tasks in Directory Server contain the nsTaskStatus attribute to monitor whether the task is completed and the database is ready to receive updates. Before this update, the server set the value that indexing had completed before the database was ready to receive updates. Applications which monitor nsTaskStatus could start sending updates as soon as indexing completed, but before the database was ready. As a consequence, the server rejected updates with an UNWILLING_TO_PERFORM error. The problem has been fixed. As a result, the nsTaskStatus attribute now shows that indexing is completed after the database is ready to receive updates.

* Previously, Directory Server did not remember when the first operation, bind, or a connection was started. As a consequence, in certain situations the server applied anonymous resource limits to an authenticated client. With this update, Directory Server properly marks authenticated client connections. As a result, it applies the correct resource limits, and authenticated clients no longer get randomly restricted by anonymous resource limits.

* When debug replication logging is enabled, Directory Server incorrectly logged an error that updating the replica update vector (RUV) failed when in fact the update succeeded. The problem has been fixed, and the server no longer logs an error if updating the RUV succeeds.

* This update adds the -W option to the ds-replcheck utility. With this option, ds-replcheck asks for the password, similar to OpenLDAP utilities. As a result, the password is not stored in the shell's history file when the -W option is used.

* If an administrator moves a group in Directory Server from one subtree to another, the memberOf plug-in deletes the memberOf attribute with the old value and adds a new memberOf attribute with the new group's distinguished name (DN) in affected user entries. Previously, if the old subtree was not within the scope of the memberOf plug-in, deleting the old memberOf attribute failed because the values did not exist. As a consequence, the plug-in did not add the new memberOf value, and the user entry contained an incorrect memberOf value. With this update, the plug-in now checks the return code when deleting the old value. If the return code is "no such value", the plug-in only adds the new memberOf value. As a result, the memberOf attribute information is correct.

* In a Directory Server replication topology, updates are managed by using Change Sequence Numbers (CSN) based on time stamps. New CSNs must be higher than the highest CSN present in the relative update vector (RUV). In case the server generates a new CSN in the same second as the most recent CSN, the sequence number is increased to ensure that it is higher. However, if the most recent CSN and the new CSN were identical, the sequence number was not increased. In this situation, the new CSN was, except for the replica ID, identical to the most recent one. As a consequence, a new update in the directory appeared in certain situations older than the most recent update. With this update, Directory Server increases the CSN if the sequence number is lower than or equal to the most recent one. As a result, new updates are no longer considered older than the most recent data.

--

SL7
  x86_64
    389-ds-base-1.3.7.5-21.el7_5.x86_64.rpm
    389-ds-base-debuginfo-1.3.7.5-21.el7_5.x86_64.rpm
    389-ds-base-devel-1.3.7.5-21.el7_5.x86_64.rpm
    389-ds-base-libs-1.3.7.5-21.el7_5.x86_64.rpm
    389-ds-base-snmp-1.3.7.5-21.el7_5.x86_64.rpm

- Scientific Linux Development Team

Critical enhancement for 389-ds-base addressing ldapsearch failure problems and boosting reliability in directory administration.
Tags: 389ds, slapd, bugfix, directoryservice, SCILinux.
Severity: Critical. LinuxSecurity.com Team

May 15, 2018 | Critical | Scientific Linux

Scientific Linux SLSA-2014:0292-1 Critical Security Update for 389-ds-base

Important: 389-ds-base security update.

Date: Thu, 13 Mar 2014 20:10:43 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Important: 389-ds-base on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis:      Important: 389-ds-base security update
Advisory ID:   SLSA-2014:0292-1
Issue Date:    2014-03-13
CVE Numbers:   CVE-2014-0132
--

It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This could allow them to modify configuration values, as well as read and write any data the directory holds. (CVE-2014-0132)

After installing this update, the 389 server service will be restarted automatically.

--

SL6
  x86_64
    389-ds-base-1.2.11.15-32.el6_5.x86_64.rpm
    389-ds-base-debuginfo-1.2.11.15-32.el6_5.i686.rpm
    389-ds-base-debuginfo-1.2.11.15-32.el6_5.x86_64.rpm
    389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpm
    389-ds-base-devel-1.2.11.15-32.el6_5.x86_64.rpm
    389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm
    389-ds-base-libs-1.2.11.15-32.el6_5.x86_64.rpm
  i386
    389-ds-base-1.2.11.15-32.el6_5.i686.rpm
    389-ds-base-debuginfo-1.2.11.15-32.el6_5.i686.rpm
    389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpm
    389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm

- Scientific Linux Development Team

Crucial 389-ds-base patch for Scientific Linux addresses severe authentication vulnerabilities. Update immediately for safety.
Tags: 389-ds-base, Security Update, Scientific Linux, Authentication Issue.
Severity: Important. LinuxSecurity.com Team

Mar 13, 2014 | Important | Scientific Linux

Red Hat Enterprise Linux 6 RHSA-2012-0997-01 Moderate: LDAP Password Issues

====================================================================
Red Hat Security Advisory

Synopsis:      Moderate: 389-ds-base security update
Advisory ID:   RHSA-2012:0997-01
Product:       Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2012:0997.html
Issue date:    2012-06-20
CVE Names:     CVE-2012-2678 CVE-2012-2746
====================================================================

1. Summary:

Updated 389-ds-base packages that fix two security issues are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

A flaw was found in the way 389 Directory Server handled password changes. If an LDAP user has changed their password, and the directory server has not been restarted since that change, an attacker able to bind to the directory server could obtain the plaintext version of that user's password via the "unhashed#user#password" attribute. (CVE-2012-2678)

It was found that when the password for an LDAP user was changed, and audit logging was enabled (it is disabled by default), the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on" (the default option), prevents 389 Directory Server from writing plain text passwords to the audit log. This option can be configured in "/etc/dirsrv/slapd-[ID]/dse.ldif". (CVE-2012-2746)

All users of 389-ds-base are advised to upgrade to these updated packages, which resolve these issues. After installing this update, the 389 server service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

829933 - CVE-2012-2678 rhds/389: plaintext password disclosure flaw
833482 - CVE-2012-2746 rhds/389: plaintext password disclosure in audit log

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
389-ds-base-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm

x86_64:
389-ds-base-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:

x86_64:
389-ds-base-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
389-ds-base-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm

x86_64:
389-ds-base-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

i386:
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm

x86_64:
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

i386:
389-ds-base-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm

x86_64:
389-ds-base-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-libs-1.2.10.2-18.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:

i386:
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm

x86_64:
389-ds-base-debuginfo-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-debuginfo-1.2.10.2-18.el6_3.x86_64.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm
389-ds-base-devel-1.2.10.2-18.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2012-2678
https://access.redhat.com/security/cve/CVE-2012-2746
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2012 Red Hat, Inc.

--
Enterprise-watch-list mailing list

Red Hat released a security update for 389-ds-base to address moderate vulnerabilities endangering directory services, urging swift upgrades for data protection.
Tags: 389 Directory Server, Red Hat Update, Password Protection, LDAP Security, Security Best Practices.
LinuxSecurity.com Team

Jun 20, 2012 | Red Hat

Red Hat Enterprise Linux 5: RHSA-2008:0389-02 Low: nss_ldap Bug Fix

====================================================================
Red Hat Security Advisory

Synopsis:      Low: nss_ldap security and bug fix update
Advisory ID:   RHSA-2008:0389-02
Product:       Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2008:0389.html
Issue date:    2008-05-20
Updated on:    2008-05-21
Keywords:      dns thread port rebuild exop referral
CVE Names:     CVE-2007-5794
====================================================================

1. Summary:

An updated nss_ldap package that fixes a security issue and several bugs is now available.

This update has been rated as having low security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The nss_ldap package contains the nss_ldap and pam_ldap modules. The nss_ldap module is a plug-in which allows applications to retrieve information about users and groups from a directory server. The pam_ldap module allows PAM-aware applications to use a directory server to verify user passwords.

A race condition was discovered in nss_ldap which affected certain applications which make LDAP connections, such as Dovecot. This could cause nss_ldap to answer a request for information about one user with information about a different user. (CVE-2007-5794)

In addition, these updated packages fix the following bugs:

* a build error prevented the nss_ldap module from being able to use DNS to discover the location of a directory server. For example, when the /etc/nsswitch.conf configuration file was configured to use "ldap", but no "host" or "uri" option was configured in the /etc/ldap.conf configuration file, no directory server was contacted, and no results were returned.

* the "port" option in the /etc/ldap.conf configuration file on client machines was ignored. For example, if a directory server which you were attempting to use was listening on a non-default port (i.e. not ports 389 or 636), it was only possible to use that directory server by including the port number in the "uri" option. In this updated package, the "port" option works as expected.

* pam_ldap failed to change an expired password if it had to follow a referral to do so, which could occur, for example, when using a slave directory server in a replicated environment. An error such as the following occurred after entering a new password:

    "LDAP password information update failed: Can't contact LDAP server
    Insufficient 'write' privilege to the 'userPassword' attribute"

  This has been resolved in this updated package.

* when the "pam_password exop_send_old" password-change method was configured in the /etc/ldap.conf configuration file, a logic error in the pam_ldap module caused client machines to attempt to change a user's password twice. First, the pam_ldap module attempted to change the password using the "exop" request, and then again using an LDAP modify request.

* on Red Hat Enterprise Linux 5.1, rebuilding nss_ldap-253-5.el5 when the krb5-*-1.6.1-17.el5 packages were installed failed due to an error such as the following:

    + /builddir/build/SOURCES/dlopen.sh ./nss_ldap-253/nss_ldap.so
    dlopen() of "././nss_ldap-253/nss_ldap.so" failed: ./././nss_ldap-253/nss_ldap.so: undefined symbol: request_key
    error: Bad exit status from /var/tmp/rpm-tmp.62652 (%build)

  The missing libraries have been added, which resolves this issue.

* when recursively enumerating the set of members in a given group, the module would allocate insufficient space for storing the set of member names if the group itself contained other groups, thus corrupting the heap. This update includes a backported fix for this bug.

Users of nss_ldap should upgrade to these updated packages, which contain backported patches to correct this issue and fix these bugs.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

254172 - Automatic DNS discovery of the LDAP server does not work
364501 - pam_ldap tries to change passwords twice
367461 - CVE-2007-5794 nss_ldap randomly replying with wrong user's data
427370 - RHEL 5.1 nss_ldap does not build with RHEL 5.1 krb5 packages

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:

i386:
nss_ldap-253-12.el5.i386.rpm
nss_ldap-debuginfo-253-12.el5.i386.rpm

x86_64:
nss_ldap-253-12.el5.i386.rpm
nss_ldap-253-12.el5.x86_64.rpm
nss_ldap-debuginfo-253-12.el5.i386.rpm
nss_ldap-debuginfo-253-12.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:

i386:
nss_ldap-253-12.el5.i386.rpm
nss_ldap-debuginfo-253-12.el5.i386.rpm

ia64:
nss_ldap-253-12.el5.i386.rpm
nss_ldap-253-12.el5.ia64.rpm
nss_ldap-debuginfo-253-12.el5.i386.rpm
nss_ldap-debuginfo-253-12.el5.ia64.rpm

ppc:
nss_ldap-253-12.el5.ppc.rpm
nss_ldap-253-12.el5.ppc64.rpm
nss_ldap-debuginfo-253-12.el5.ppc.rpm
nss_ldap-debuginfo-253-12.el5.ppc64.rpm

s390x:
nss_ldap-253-12.el5.s390.rpm
nss_ldap-253-12.el5.s390x.rpm
nss_ldap-debuginfo-253-12.el5.s390.rpm
nss_ldap-debuginfo-253-12.el5.s390x.rpm

x86_64:
nss_ldap-253-12.el5.i386.rpm
nss_ldap-253-12.el5.x86_64.rpm
nss_ldap-debuginfo-253-12.el5.i386.rpm
nss_ldap-debuginfo-253-12.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2007-5794
https://access.redhat.com/security/updates/classification#low

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.

Red Hat releases an update for nss_ldap tackling a minor security vulnerability and resolving bugs for enterprise Linux clients.
Tags: nss_ldap Update, Red Hat Advisory, Bug Fix, LDAP Security, Enterprise Linux.
Severity: Low. LinuxSecurity.com Team

May 21, 2008 | Low | Red Hat
