ELSA-2006-0719

ELSA-2006-0719 - Moderate nss_ldap security update

Type:SECURITY
Severity:MODERATE
Release Date:2006-11-30

Description


[226-17]
- temporarily disable fixes for #190256 and #206438 for security update

[226-16]
- include backported fix for off-by-one crasher in various result parsing
functions (Carsten Clashom, #206438)

[226-15]
- don't suppress policy errors encountered during authentication if the
specific policy error isn't one which the PAM spec indicates should be
reported during account management (CVE-2006-5170, #207286, upstream #291)

[226-14]
- return PAM_NEW_AUTHTOK_REQD instead of PAM_PERM_DENIED in case of a
POLICY_ERROR_CHANGE_AFTER_RESET policy response from the server (#190256)


Related CVEs


CVE-2006-5170

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 4 (i386) nss_ldap-226-17.src.rpm6312ec10374264117673d19fa35051aeELBA-2011-0239
nss_ldap-226-17.i386.rpm16f74e1f1ec3486b2a218076720aa63bELBA-2011-0239
Oracle Linux 4 (x86_64) nss_ldap-226-17.src.rpm6312ec10374264117673d19fa35051aeELBA-2011-0239
nss_ldap-226-17.i386.rpm16f74e1f1ec3486b2a218076720aa63bELBA-2011-0239
nss_ldap-226-17.x86_64.rpma4b99f3a07b8099cff3d99ee1aaea1d6ELBA-2011-0239



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete