Fedora alert FEDORA-2008-6062 (openldap)
| From: | updates@fedoraproject.org | |
| To: | fedora-package-announce@redhat.com | |
| Subject: | [SECURITY] Fedora 9 Update: openldap-2.4.8-6.fc9 | |
| Date: | Thu, 03 Jul 2008 03:17:22 +0000 | |
| Message-ID: | <200807030317.m633H3YL018502@bastion.fedora.phx.redhat.com> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2008-6062 2008-07-03 00:48:01 -------------------------------------------------------------------------------- Name : openldap Product : Fedora 9 Version : 2.4.8 Release : 6.fc9 URL : http://www.openldap.org/ Summary : The configuration files, libraries, and documentation for OpenLDAP Description : OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. LDAP is a set of protocols for accessing directory services (usually phone book style information, but other information is possible) over the Internet, similar to the way DNS (Domain Name System) information is propagated over the Internet. The openldap package contains configuration files, libraries, and documentation for OpenLDAP. -------------------------------------------------------------------------------- Update Information: This update fixes CVE-2008-2952 - remote unauthenticated slapd DoS. -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 2 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-6 - fix CVE-2008-2952 (#453727) * Fri Jun 6 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-5 - fix a crash (#450017) * Wed May 28 2008 Jan Safranek <jsafranek@redhat.com> 2.4.8-4 - use /sbin/nologin as shell of ldap user (#447919) * Thu May 22 2008 Tom "spot" Callaway <tcallawa@redhat.com> 2.4.8-3.1 - minor bump for sparc rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #453444 - CVE-2008-2952 OpenLDAP denial-of-service flaw in ASN.1 decoder https://bugzilla.redhat.com/show_bug.cgi?id=453444 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update openldap' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at http://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-ann...